Bugtraq mailing list archives

Re: Hotmail security vulnerability - injecting JavaScript using <STYLE> tag

From: smiths () TIAC NET (Richard M. Smith)
Date: Tue, 14 Sep 1999 21:54:22 -0400


Hello,

This is actually more than just another hotmail glitch. Many (all?) web
services are doing things wrong:


Yes, the problem with JavaScript enitities (ie, &{<expression>};) happens
all of over the Web.  Here are some places that I have found where it is
possible to inject JavaScript code into Web pages:

     1.  Most Web Email services
     2.  Most Web message board software
     3.  Most guest book software
     4.  Yahoo profiles (this has now been fixed)
     5.  Techstocks Web board messages.
     6.  Some search engine result pages
     7.  eBay auction postings
     8.  Netcenter (now fixed)

Basically a JavaScript enitity can be added to the end of any URL
for an image or a link.  When the page is displayed, the code
in the enitity is executed.  Pretty much any Web site that allows
user supplied information can have the problem.

Richard

Current thread:

Re: Hotmail security vulnerability - injecting JavaScript using <STYLE> tag Metal Hurlant (Sep 14)
- Re: Hotmail security vulnerability - injecting JavaScript using <STYLE> tag Richard M. Smith (Sep 14)