Full Disclosure mailing list archives

exploitlabs.com XSS hole someone better beware!


From: <dnv () hushmail com>
Date: Tue, 22 Jul 2003 02:32:22 -0700


Vunerability(s):
----------------
1. Remote / Local XSS SCRIPT EXECUTION!!


Product:
--------
super cool script by moroning_wood, my m3nt0r in teh XSS style!!


Description of product:
-----------------------

no need for description!! mornining_wood is world renowned XSS pioneer
ninja all world know that! 


VUNERABILITY / EXPLOIT
======================

NO NEED to rip other peoples code this time, this can be done with a
browser, 
i tested with mozilla iexplore 3/4/5/6 and oppera i like oppera.

http://exploitlabs.com/thecore/?<script>alert('document.location')</script>

-------------------------------^^^^^^^^^^^^XSS STYLE! MORONING_WOOD TEACH
ME!!!

Local:
------
yes ai run from our kompanie webserver!

Remote:
-------
yes a lot!


Vendor Fix:
-----------
No fix on 0day besides this is too cool to fix i like practicing on moroning_wood
server!!


Vendor Contact:
---------------
no because donnie weiner is sleeping and he taught me all XSS i know
so he must know himself.


Credits:
--------
DNV 
dnv () hushmail com
http://www.ibeatmymeat.dk

remember again all you people I AM THE BEST HACKER IN DENMARK!!! AND
YES TCPDUMB I WAS AT CCC YOU JUST NOT KNOW ME BECAUSE I HIDE UNDERCOVER
LIKE reaL HaCkERS!

http://exploitlabs.com/thecore/?<script>alert('document.location')</script>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

