From: Daniel Kahn Gillmor
Subject: [Savannah-help-public] [sr #106475] Cross-site scripting using feedback variable
Date: Fri, 22 Aug 2008 17:40:59 +0000
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071618 Iceweasel/3.0.1 (Debian-3.0.1-1)
URL:
  <http://savannah.gnu.org/support/?106475>

                 Summary: Cross-site scripting using feedback variable
                 Project: Savannah Administration
            Submitted by: dkg
            Submitted on: Fri 22 Aug 2008 01:40:58 PM EDT
                Category: None
                Priority: 5 - Normal
                Severity: 6 - Security
                  Status: None
             Assigned to: None
        Originator Email: Daniel Kahn Gillmor <address@hidden>
        Operating System: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

Hey folks.

It looks to me like I can coax an XSS attack out of the Savannah
infrastructure by injecting arbitrary html (including attributes which
execute javascript) in the "feedback" variable.

[/my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895 hover over the gnu that appears when you follow this link for an example]

(I'm not sure if it will work right because there's no Preview, but I'll
cook something else up in the comments if this attack doesn't work)

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?106475>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
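Added example, not Savannah's code and not part of the report above: a small Python model of the reflection the report describes, fed with the report's own link as sample input. The handler that actually served /my/admin/ is not shown on this page, so `render_vulnerable` is an assumed stand-in for "copy the parameter into the page unchanged"; `render_fixed` applies the standard remedy of HTML-escaping the value at the point where it is written into the response. The HTMLParser-based check lists the `on*` event-handler attributes a browser would see in each rendering, which is the difference between a link that pops `alert('monkeys!')` on hover and one that just shows the text. The query string is parsed by hand rather than with `urllib.parse.parse_qs` because older Python releases also treat `;` as a separator, and `;` occurs inside this payload; the `#6917...` fragment never reaches the server and is dropped by `urlsplit`.

```python
"""Model of the reflected XSS reported above, and of the fix (escape on output).

Added example: the real Savannah handler behind /my/admin/ is not on this page,
so a minimal Python stand-in is used, fed with the URL from the report.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import unquote_plus, urlsplit

# The link from the report, reproduced verbatim as the sample input.
REPORT_URL = ("/my/admin/?feedback=monkeytown.%20%3Cimg%20onmouseover=%22alert(%27monkeys!%27);%22"
              "%20src=%20%2Fimages%2FSavannah.theme%2Ffloating.png%20%20%2F%3E#6917874799045293895")


def query_param(url, name):
    """Return the percent-decoded value of `name` from the URL's query string ("" if absent).

    Parsed by hand rather than with urllib.parse.parse_qs: older Python versions
    also split on ';', and ';' occurs inside this payload.  urlsplit discards the
    '#...' fragment, which a browser never sends to the server anyway.
    """
    for pair in urlsplit(url).query.split("&"):
        key, _, value = pair.partition("=")
        if unquote_plus(key) == name:
            return unquote_plus(value)
    return ""


def render_vulnerable(feedback):
    """Assumed stand-in for the reported behaviour: the parameter is copied into the page as-is."""
    return '<div class="feedback">%s</div>' % feedback


def render_fixed(feedback):
    """Escape on output: < > & " ' become entities, so the browser treats the value as text."""
    return '<div class="feedback">%s</div>' % escape(feedback, quote=True)


class HandlerFinder(HTMLParser):
    """Records every (tag, attribute) pair whose attribute is an on* event handler."""

    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names; <img .../> also arrives here.
        for attr_name, _attr_value in attrs:
            if attr_name.startswith("on"):
                self.found.append((tag, attr_name))


def event_handlers(fragment):
    """Parse an HTML fragment the way a browser would and list the event handlers it contains."""
    finder = HandlerFinder()
    finder.feed(fragment)
    finder.close()
    return finder.found


if __name__ == "__main__":
    feedback = query_param(REPORT_URL, "feedback")
    print("decoded feedback :", feedback)
    print("vulnerable output:", render_vulnerable(feedback))
    print("  handlers seen  :", event_handlers(render_vulnerable(feedback)))
    print("fixed output     :", render_fixed(feedback))
    print("  handlers seen  :", event_handlers(render_fixed(feedback)))
```

Running it prints the decoded payload (`monkeytown. <img onmouseover="alert('monkeys!');" src= /images/Savannah.theme/floating.png  />`), the vulnerable rendering in which the parser finds an `img` tag carrying `onmouseover`, and the fixed rendering in which only the wrapping `div` survives as markup. Escaping at output time is the check to apply to every other reflected parameter on the site, not just `feedback`: the attacker controls the query string, so anything copied from it into HTML without `escape()` has the same problem.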