To add to the late plethora of CSS bugs, ign.com has some too.

'Vendor' contacted about a week ago at various mailaddresses, no reply.

visiting http://mediaviewer.ign.com/mediaPage.jsp?object_id=15984&media_type=P&ign_section=17&adtag=network%3Dign%26site%3Dps2viewer%26adchannel%3Dps2%26pagetype%3Darticle&page_title=knud+fighter+4

will show you some screenshots from 'knud fighter 4' (really virtua fighter 4 shots).. the &page_title=blabla doesn't filter <tags> so it's possible to steal cookies and whatnot.. I haven't tried in the members section, since i can't really access it without an account, but i assume it uses the same files since ps2.ign.com/pc.ign.com/pocket.ign.com all utilize mediaviewer.ign.com/mediaPage.jsp for their media (p)reviews.

random thought: is bugtraq really the correct place for css bugs? many vulnerable scripts are 'homemade' .. so it's not like there's much value in reporting 'site x has css bug in blah.php' ..

-Knud

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]