Full Disclosure mailing list archives

Re: Vulnerability-lab.com XSS


From: Ferenc Kovacs <tyra3l () gmail com>
Date: Sun, 5 Feb 2012 21:09:45 +0100

On Fri, Feb 3, 2012 at 4:21 PM, Luis Santana <hacktalk () hacktalk net> wrote:

Earlier today I tried to contact the people over at
http://vulnerability-lab.com about an XSS vulnerability I found on their
site (ironic) but it appears they want nothing to do with me. Praise
Full-Disclosure.

[image: Vulnerability-lab.com XSS - HackTalk Security]<http://i.imgur.com/CripA.jpg>


The Irony Of A Site For Disclosing Site Being Itself Vuln To Something So
Trivial



Basically I tried to report this issue to them through a private message
on youtube and then a follow request on twitter (so I could DM them) but to
no avail. Eventually rem0ve joined freenode and messaged me and told me he
didn’t want to be cooperative with me or even be friendly. Sometimes being
a prick just makes you look like an idiot.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Judging from the screenshot, it seems to be a reflected XSS through the
User-Agent field.
I would be curious how this could be exploited from the client side, as you
can't manipulate other visitors' User-Agent header.
Of course if the User-Agent is logged and the admin area which displays the
logs has the same defect, then this is a different story.

-- 
Ferenc Kovács
@Tyr43l - http://tyrael.hu
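
Added example, not part of the original post or of the site discussed: the admin log-viewer scenario raised in the reply above, with a row renderer that concatenates the logged User-Agent beside one that HTML-encodes it, plus a triage check over stored log lines. The log lines, the combined log format and all function names are assumptions constructed for illustration.

```python
import html
import re

# Constructed access-log lines (combined log format, assumed for this example).
# The second entry carries markup in the User-Agent field.
SAMPLE_LOG = [
    '203.0.113.5 - - [05/Feb/2012:21:09:45 +0100] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [05/Feb/2012:21:10:02 +0100] "GET / HTTP/1.1" 200 512 "-" '
    '"<script>alert(1)</script>"',
]

# The last two quoted fields are Referer and User-Agent. Simplified parser:
# it assumes neither field contains an embedded double quote.
LINE_RE = re.compile(r'^(?P<ip>\S+) .*"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$')
MARKUP_RE = re.compile(r'[<>]')


def parse(line):
    """Return (client_ip, user_agent) or None if the line does not match."""
    m = LINE_RE.match(line)
    return (m.group("ip"), m.group("ua")) if m else None


def render_row_unsafe(ip, ua):
    # The defect: the header value is concatenated into HTML as-is, so a
    # logged User-Agent becomes markup in the browser of whoever views the log.
    return "<tr><td>" + ip + "</td><td>" + ua + "</td></tr>"


def render_row_safe(ip, ua):
    # Encode for the HTML context at output time; the stored log is untouched.
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(ip), html.escape(ua, quote=True))


def suspicious_agents(lines):
    """Triage: list (ip, user_agent) pairs whose User-Agent contains < or >."""
    hits = []
    for line in lines:
        parsed = parse(line)
        if parsed and MARKUP_RE.search(parsed[1]):
            hits.append(parsed)
    return hits


if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(render_row_safe(*parse(entry)))
    print(suspicious_agents(SAMPLE_LOG))
```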