GMX.NET Vulnerability

Discussion in 'other security issues & news' started by Paul Wilders, Apr 11, 2002.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Title 11/4/2002
    GMX.net Contains a Cross Site Scripting Vulnerability (overture)


    Summary
    GMX.net is one of the best-known and largest German free e-mail providers and is supposed to also provide its services to several other countries. In the web search function exists a flaw that allows Cross Site Scripting.


    Details
    The "Websearch" of gmx.net does not check for any hostile input. Allowing attackers to insert arbitrary HTML and JavaScript into existing web pages.

    source: securiteam.com
     
Loading...
Thread Status:
Not open for further replies.