Full Disclosure mailing list archives
Re: Re: Arin.net XSS
From: "J u a n" <perfectirijillo () gmail com>
Date: Fri, 3 Mar 2006 15:34:05 -0300
On 3/3/06, Alexander Hristov <joffer () gmail com> wrote:
Just tested : http://ws.arin.net/whois/?queryinput=%3CIMG+SRC%3D%22javascript%3Aalert%28%27XSS%27%29%3B%22%3E it still works for me
works for me on internet explorer, didn't work with firefox 1.5 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Arin.net XSS Terminal Entry (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 03)
- Re: Re: Arin.net XSS Alexander Hristov (Mar 03)
- Re: Re: Arin.net XSS J u a n (Mar 03)
- Re: Re: Arin.net XSS Alexander Hristov (Mar 03)
- Re: Arin.net XSS Steven (Mar 03)
- Re: Arin.net XSS Simon Smith (Mar 03)
- Re: Arin.net XSS Steven (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 06)
- RE: Arin.net XSS php0t (Mar 03)
- Re: Arin.net XSS Michael Holstein (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 06)
- Re: Re: Arin.net XSS Paul Farrow (Mar 06)
- Re: Arin.net XSS Simon Smith (Mar 03)
- Re: Arin.net XSS Dave Korn (Mar 03)
- <Possible follow-ups>
- RE: Re: Arin.net XSS Terminal Entry (Mar 03)
- Re: Re: Arin.net XSS Dave Korn (Mar 06)