Bugtraq mailing list archives
Timberland Search XSS Vulnerability
From: try_og () hotmail com
Date: 1 Jun 2006 21:51:42 -0000
There's a vulnerability in Timberland's search engine.
The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized.
URL:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code]
Example:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=<script>alert('test');</script>
Author: O.G.
Current thread:
- Timberland Search XSS Vulnerability try_og (Jun 04)