Bugtraq mailing list archives
WebCT 4.1 vulnerable to XSS attacks
From: <lacertosum () yahoo com>
Date: 11 Apr 2005 18:33:51 -0000
The discussion board feature of WebCT is vulnerable to XSS. Here is the proof of concept: When you are composing a new message, in the message field of the form, type this: </pre><table background=java	script:alert("XSS Warning")> </table> Then submit the message. You should see a JavaScript alert box that says "XSS Warning" when you wiew your message. It is also possible to redirect users that view the message to an outside page (I did this on my college's WebCT board). Obviously, a malicious person could exploit this to steal WebCT's cookies and possibly compromise user accounts. The redirect exploit is simple enough: </pre><table background=java	script:location.replace("URL")> </table>
Current thread:
- WebCT 4.1 vulnerable to XSS attacks lacertosum (Apr 12)