GMX.NET Vulnerability

Discussion in 'other security issues & news' started by Paul Wilders, Apr 11, 2002.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Jul 1, 2001
    The Netherlands
    Title 11/4/2002 Contains a Cross Site Scripting Vulnerability (overture)

    Summary is one of the best-known and largest German free e-mail providers and is supposed to also provide its services to several other countries. In the web search function exists a flaw that allows Cross Site Scripting.

    The "Websearch" of does not check for any hostile input. Allowing attackers to insert arbitrary HTML and JavaScript into existing web pages.

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.