[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CensorNet: Cross Site Scripting Vulnerability

To: "Dan Searle" <dan.searle@adelix.com>
Subject: Re: CensorNet: Cross Site Scripting Vulnerability
From: "Richard Maudsley" <maudr001@rbwm.org>
Date: Mon, 27 Oct 2003 12:18:37 +0000

Hi,

"An attacker may construct a link to a vulnerable server such that it
exploits this vulnerability. When an innocent user follows this link, the
script code will be reproduced by the server, and execute within the
context of the vulnerable site. This may result in the exposure of
sensitive data and cookie information, or allow the attacker to subvert
the content and functionality of the site."
Regards,
        Richard Maudsley


- -------------------------------------------------------------------
    This email has been sent from the Royal Borough of Windsor and Maidenhead 
LEA system, if you have cause for complaint regarding the
       content of this email please contact abuse@rbwm.org
- -------------------------------------------------------------------

References:
- CensorNet: Cross Site Scripting Vulnerability
  - From: "Richard Maudsley" <maudr001@rbwm.org>
- Re: CensorNet: Cross Site Scripting Vulnerability
  - From: "Dan Searle" <dan.searle@adelix.com>

Prev by Date: Re: a dangerous fast spreading (yet simple) trojan horse.
Next by Date: Root Directory Listing on RH default apache
Previous by thread: Re: CensorNet: Cross Site Scripting Vulnerability
Next by thread: (Fw) : mIRC 6.12 (latest) DCC Exploit
Index(es):
- Date
- Thread