Full Disclosure mailing list archives
Permanent XSS on the nuit du hack webmail service
From: klondike <klondike () xiscosoft es>
Date: Sat, 24 Mar 2012 05:27:20 +0100
So I was bored with the nuit du hack prequals and decided to test a bit the e-mail service. The guys have a cool XSS injection on the fake webmail service which can be exploited with a properly crafted subject (i.e. <script>alert('Hello!');</script> ). I thought the guys behind nuit du hack were a bit more serious than this... klondike
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Permanent XSS on the nuit du hack webmail service klondike (Mar 23)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike (Mar 23)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF Damien Cauquil (Mar 26)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF majinboo (Mar 26)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike (Mar 27)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF Damien Cauquil (Mar 26)
- Re: Oracle based personal data dumping attack on the nuit du hack CTF klondike (Mar 23)