Caramail.com : cross scripting

From: frog frog (leseulfrogat_private)
Date: Thu Dec 20 2001 - 00:14:06 PST

Next message: Trustix Secure Linux Advisor: "TSLSA-2001-0030 - openssh"

Previous message: the Pull: "Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) on all the servers : www1 ===> www50 : www45.caramail.com/general.jsp? ERROR=<script>alert('hum...')</script> frog

Next message: Trustix Secure Linux Advisor: "TSLSA-2001-0030 - openssh"
Previous message: the Pull: "Internet Explorer Document.Open() Without Close() Cookie Stealing, File Reading, Site Spoofing Bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Dec 20 2001 - 07:30:57 PST