Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Zoltan Milosevic (zoltanm_at_xav.com)
Date: Wed Jul 10 2002 - 12:16:11 CDT
Thanks for this bug report.
I have released an updated version which includes a fix (FDSE version
2.0.0.0055). For the folks at securitybugware.org and
securityfocus.com, would you please include a mention of this update if
you issue a report.
Fluid Dynamics Search Engine
From: valdeux [mailto:valdeuxaol.com]
Sent: Wednesday, July 10, 2002 7:40 AM
To: scriptsnickname.net; contactsecuritybugware.org;
Subject: XSS Hole in Fluid Dynamics Search engine
Note : Sorry for my poor english ...
For a multiple result pages search, the script uses the variable
contains current result number.
Anything could be written into, including HTML tags.
Note : it works because "test" returns several pages.