Lycos HTMLGear Guestbook Script Injection Vulnerability

From: Matthew Murphy (mattmurphyat_private)
Date: Sat Sep 14 2002 - 15:11:44 PDT


    Lycos offers several advanced web applications through a service called
    HTMLGear.  Among the services offered are guestbooks.  A vulnerability
    exists in the Lycos guestbook that could enable someone to launch an attack
    against visitors whose browsers supported inline CSS (IE, for example).
    
    By specifying an e-mail address/web page URL like the following:
    
    " STYLE="expression([javascript])
    
    The JavaScript block will execute.  Some less-paranoid versions of the
    guestbook also allow a typical IMG attack:
    
    <IMG SRC="javascript:[javascript]">
    
    This will yield the same results in many cases.
    
    This archive was generated by hypermail 2b30 : Tue Sep 17 2002 - 23:43:56 PDT