Date: Fri, 19 May 2006 17:05:34 -0700
From: "Google Security Team" <security@...gle.com>
To: bugtraq@...urityfocus.com
Subject: Re: XSS in orkut.com


Google has investigated this report and verified the validity of this
bug.  It has been fixed.  We take the security of our services and
users very seriously, and work to rapidly resolve any reported
vulnerabilities.

In the interest of minimizing the impact that security vulnerabilities
have on our end users, we highly encourage anyone who discovers a
vulnerability in a Google product or service to follow responsible
disclosure policies by contacting us first at security@...gle.com.

--
-- Cory Altheide
-- Incident Response Lead
-- Google Security Team
-- security@...gle.com


On 5/15/06, Rohin Koul <rohin.koul@...il.com> wrote:
> Hi,
> I found this little XSS thing with the search.aspx page of orkut.com.
> The page uses the GET method to get user criteria for searching the
> profiles of people.
> The fields textboxAgeFrom and textboxAgeTo in the URL are not verified
> and one can inject any HTML code using these parameters.
> Proof of concept
> http://www.orkut.com/Search.aspx?q=&checkPhoto=on&dropdownLocation=1&textboxZip=&textboxAgeFrom=&textboxAgeTo=%3Cinput+type%3Dsubmit+onclick%3Djavascript%3Aalert%28%27a%27%29%3E&dropdownDating=choose&degree=radioAll&hiddenState=&hiddenCountry=91&view=&pno=1
>
> Note: You should be logged in to orkut to access this page.
>
> --
> "if you don't know where you are going,
> what difference does it make,which path you take"
> ---Cheshire Cat
>


-- 
-- Cory Altheide
-- Incident Response Lead
-- Google Security Team
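
The two age fields named in the report only ever need to carry small whole numbers, so the defence is allowlist validation on input plus HTML encoding wherever a submitted value is echoed back. The sketch below is an added example in Python, not Orkut's or Google's code and not part of either message; the age bounds and all function names are assumptions.

```python
import html
from urllib.parse import parse_qs

# Assumed bounds for a profile-search age filter (not from the original post).
AGE_MIN, AGE_MAX = 18, 120
AGE_FIELDS = ("textboxAgeFrom", "textboxAgeTo")

# Query string of the proof-of-concept URL quoted above, cut to the relevant fields.
POC_QUERY = ("q=&checkPhoto=on&textboxAgeFrom=&textboxAgeTo="
             "%3Cinput+type%3Dsubmit+onclick%3Djavascript%3Aalert%28%27a%27%29%3E&pno=1")


def parse_age(raw):
    """Return an int age, None for an empty field, or raise ValueError."""
    raw = raw.strip()
    if raw == "":
        return None
    # Allowlist: ASCII digits only, at most three of them.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 3):
        raise ValueError("age must be a whole number")
    age = int(raw)
    if not AGE_MIN <= age <= AGE_MAX:
        raise ValueError("age out of range")
    return age


def validate_search(query_string):
    """Validate both age fields; return (ages, errors) keyed by field name."""
    params = parse_qs(query_string, keep_blank_values=True)
    ages, errors = {}, {}
    for field in AGE_FIELDS:
        raw = params.get(field, [""])[-1]
        try:
            ages[field] = parse_age(raw)
        except ValueError as exc:
            errors[field] = str(exc)
    return ages, errors


def render_age_input(field, raw):
    """Echo a submitted value back into the form, encoded for an HTML attribute."""
    return '<input type="text" name="%s" value="%s">' % (
        html.escape(field, quote=True), html.escape(raw, quote=True))
```

Validation rejects the request before the value is used, and the encoding step keeps a rejected value inert if the form is redisplayed with the user's input.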

