[Gnuheter-dev] XSS-fel i article.php

gnuheter-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnuheter-dev] XSS-fel i article.php

From:	Lars-Erik Stenholm
Subject:	[Gnuheter-dev] XSS-fel i article.php
Date:	Tue, 1 Apr 2003 18:20:33 +0200 (CEST)

TWIMC, "sid" hanteras inte korrekt i article.php. Har ingen gnuheterkod
tillgänglig just nu så istället för en patch skickar jag därför min
medhjälpare att peka ut de platser där detta skulle kunna exploitas:

http://www.gnuheter.com/article.php?sid=1495%22%3E%3Cimg%20border=0%20src=http://less.mumin.nu/glajsmurf.png%3E%3Cinput%20value=XSS-IS-3VU1

:-)

//Lasse

[Prev in Thread]

Current Thread

[Next in Thread]

[Gnuheter-dev] XSS-fel i article.php, Lars-Erik Stenholm <=

Next by Date: [Gnuheter-dev] [Bug #2890] docs.php XSS
Next by thread: [Gnuheter-dev] [Bug #2890] docs.php XSS
Index(es):
- Date
- Thread