GMX.NET Vulnerability

Discussion in 'other security issues & news' started by Paul Wilders, Apr 11, 2002.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Title 11/4/2002
    GMX.net Contains a Cross Site Scripting Vulnerability (overture)


    Summary
    GMX.net is one of the best-known and largest German free e-mail providers and is supposed to also provide its services to several other countries. In the web search function exists a flaw that allows Cross Site Scripting.


    Details
    The "Websearch" of gmx.net does not check for any hostile input. Allowing attackers to insert arbitrary HTML and JavaScript into existing web pages.

    source: securiteam.com
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.