Vulnerability Development mailing list archives
RE: thttpd : Cross Site Scripting.
From: Ory Segal <ORY.SEGAL () SANCTUMINC COM>
Date: Tue, 5 Mar 2002 02:48:06 -0800
NOTE: For some reason the < and > symbols were translated to HTML entities, this only works of course with the actual < > symbols.
-----Original Message----- From: frog frog [mailto:leseulfrog () hotmail com] Sent: Saturday, March 02, 2002 1:01 PM To: vuln-dev () securityfocus com Subject: thttpd : Cross Site Scripting. http://THTTPDHOST/<script>[ANYSCRIPT]</script> Version : thttpd/2.20b 10oct00 and maybe others... http://www.acme.com/software/thttpd/ If anyone know another version who's vulnerable, mail me please... Sorry for my bad english. frog-m@n
Current thread:
- thttpd : Cross Site Scripting. frog frog (Mar 05)
- <Possible follow-ups>
- RE: thttpd : Cross Site Scripting. Ory Segal (Mar 05)