Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Cross-Site Scripting Vuln...

From: InterWN Labs <interwn () interwn nl>
Date: 24 Jan 2002 13:01:03 -0000


Hello All.

This is ANOTHER css vuln that has been found 
in web-based e-mail sites.  Its not some high 
profile site but its vulnerable none the less.

I have an email address at www.iraqmail.com and 
it is possible to embed any amount of code into 
the body of the page.

There are 2 things you need to do first.  The first 
thing you must do is register an account at 
www.iraqmail.com  Secondly you must send an 
email to anyone.  In the body of the page after the 
mail has been sent it should say:

Your message has been submitted

If you look in the address space there should be 
a url along the lines of:

http://www.iraqmail.com/Account/Mailbox/INBOX.h
tml?
Info=Your+message+has+been+submitted&SID=
131832-Pv5fIj5GobKp6ipfPks6&

You simply 
replace "Your+message+has+been+submitted" 
with any code and it will appear in the source of 
the page.

http://www.iraqmail.com/Account/Mailbox/INBOX.h
tml?Info=&lt;script&gt;alert('InterWN Labs')
&lt;/script&gt;&SID=131832-Pv5fIj5GobKp6ipfPks6&

That will pop up an alert box with the name of our 
security group.  Im sure someone could find some 
far more clever ways to exploit this.

Thats it. Thanx.

--philer
www.interwn.nl
www.ugcia.net
Previous By Date Next
Previous By Thread Next

Current thread: