This site is soon to be deprecated by http://www.johnleitch.net

Friday, September 4, 2009

Exploiting The Meta Tag - Local.Myspace.com

Despite the lack of HTML encoding of data passed to the vulnerable market field, tags cannot be used as sending a less than character followed by any alphabetic character redirects the user to a presumably security related error page. But by injecting the http-equiv attribute, the vulnerable meta tag can be repurposed.

http://local.myspace.com/index.cfm?fuseaction=local.hub&dma=467&market=0;http://cross-site-scripting.blogspot.com/"http-equiv="refresh"

2 comments: