XSS in cookie

["offtopic" <offtopic () mail ru>]

Hi List.

I found XSS in cookie on an Web-application.
So, if i use special-crafted cookie, I can run XSS attak against the site users.
To accomplish attack I must modify cookie on client computer, which I can do by  XSS :-)

Is it vulnerability and if it is, how to use this attack?

Thank you, and sorry for my English,


(c)oded by offtopic () mail ru

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html