| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040622165026.20393.qmail@www.securityfocus.com> Date: 22 Jun 2004 16:50:26 -0000 From: Josh Gilmour <joshg@...qwest.com> To: bugtraq@...urityfocus.com Subject: ArbitroWeb v0.6 Javascript injection vulnerability vendor: ArbitroWeb about: An anonymous web surfing proxy written in PHP. ArbitroWeb will redirect all web requests thru it's set of scripts, all URL's contained will be adjusted/mangled to it's own scripts. date: june 22nd, 2004 vendor status: ? problem: javascript can be injected into the /?rawURL= field... ex: www.server.com/?rawURL=<script>javascript:alert();</script> popups up a javascript alert... could be hazardous.... example (alert pops up 100 times): www.server.com/?rawURL=<script>javascript:for(var i = 0; i < 100; i++) alert();</script> it filters out the character " by making it \" so having it do various things that you can usually do with javascript injection is a problem... yet this should be fixed nonetheless, and its a possibility the character " has a workaround... thanks to wehack.com, as i was looking thrugh their site at advisories and came upon this product.... Thanks, Josh Gilmour joshg <at> conqwest <dot> com
Powered by blists - more mailing lists