info
discussion
exploit
solution
references
Fog Creek Software FogBugz Default.ASP Cross-Site Scripting Vulnerability
An exploit is not required.
An example URI has been provided:
http://www.example.com/default.asp?pg=pgLogon&dest=[XSS]
Privacy Statement
Copyright 2010, SecurityFocus
