Full Disclosure mailing list archives
XSS @ DHL
From: "Static Rez" <staticrez () gmail com>
Date: Mon, 24 Dec 2007 16:48:17 -0500
I know these XSS vulns are kind of easy to find and they usually come off as "so easy a monkey could do it", but i thought i'd throw this one out there... http://track.dhl-usa.com//atrknav.asp?shipmentNumber= <script>alert('test')</script> sincerely, a monkey.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS @ DHL Static Rez (Dec 24)