h**p://www.kplaylist.net/?ver=1.6&build=4010%3Cscript%3Ealert(document.cookie)%3C/script%3E
Using a malformed link, one could steal forum accounts from this forum. A simple "htmlentities()" should do the job of fixing
Best regards
Sleepy BO
[SECURITY] XSS Bug in Updatechecker
2 posts
• Page 1 of 1
[SECURITY] XSS Bug in Updatechecker
by Sleepy_Bo » Sun Mar 05, 2006 3:50 pm
Hi, you got a Cross-Site-Scripting Bug in the update checker script
h**p://www.kplaylist.net/?ver=1.6&build=4010%3Cscript%3Ealert(document.cookie)%3C/script%3E
Using a malformed link, one could steal forum accounts from this forum. A simple "htmlentities()" should do the job of fixing
Best regards
Sleepy BO
h**p://www.kplaylist.net/?ver=1.6&build=4010%3Cscript%3Ealert(document.cookie)%3C/script%3E
Using a malformed link, one could steal forum accounts from this forum. A simple "htmlentities()" should do the job of fixing
Best regards
Sleepy BO
- Sleepy_Bo
- Posts: 1
- Joined: Sun Mar 05, 2006 3:47 pm
Re: [SECURITY] XSS Bug in Updatechecker
by aba » Thu Mar 16, 2006 3:33 pm
Sleepy_Bo wrote:Hi, you got a Cross-Site-Scripting Bug in the update checker script
Thanks, been fixed.
Åge
- aba
- Site Admin
- Posts: 2325
- Joined: Wed May 08, 2002 9:19 am
2 posts
• Page 1 of 1