|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Invision Power Board v1.3 Final Cross Site Scripting 2 - Addon
From: Rafel Ivgi, The-Insider (theinsider
012.net.il)
Date: Mon Mar 08 2004 - 23:39:43 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Everyone!
I Just found more XSS at "Invision Power Board v1.3 Final" forum.
This is the new hole:
http://<host>/forum//index.php?s=&act=chat&pop=1;'><script>alert('this could
be your cookie')</script><plaintext>
it is at the "pop" field.
Rafel Ivgi, The-Insider.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]