belgacom_xss.txt

Posted on 20 August 2007

# Title : Belgacom XSS Flaw # Description : The Belgacom 404 page suffers from an XSS flaw # Author : Tosser # E-mail : ht7015@gmail.com # Proof : http://hostingerrors.isp.belgacom.be/Errors.cgi?url=<iframe src="alert('XSS')"> or go to http://corporate.skynet.be/rits/login/privaat.htm and type the XSS code in the inputfield.