Bugtraq mailing list archives

IpLogger <= 1.7 XSS

From: zerogue () gmail com
Date: 22 May 2006 19:08:45 -0000

IpLogger <= 1.7 XSS

Discovered by: Nomenumbra
Date: 21/5/2006
impact:moderate (potential privilege escalation,possible defacement)

tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a user's useragent.
It is possible to construct a useragent containing javascript, thus
being displayed to the user once he check's the logs.

Nomenumbra

Current thread:

IpLogger <= 1.7 XSS zerogue (May 23)
- <Possible follow-ups>
- Re: IpLogger <= 1.7 XSS thrasher . basher (May 25)