| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Aug 2010 22:02:00 +0200 (CEST) From: Pavel Kankovsky <peak@...o.troja.mff.cuni.cz> To: full-disclosure@...ts.grok.org.uk Subject: Re: Cross-Site Scripting vulnerability in Mozilla Firefox, Opera and other browsers On Sun, 8 Aug 2010, MustLive wrote: > Also in all versions of Mozilla and Mozilla Firefox it's possible to use > another variant of Strictly social XSS - with using of -moz-binding (for > Firefox < 3.0 or for Firefox => 3.0 with xml-file on the same site) or with > using of onMouseOver: > > http://site/script.php?param=a:%22%20onMouseOver=%22alert(document.cookie) > > At moving of the cursor on the link here the code will execute in context > of this site. > [...] > > This attack is possible only if redirector (with "302 Found" or "302 Object > moved" answer) outputs double quote in Location header in plain (not in URL > encoding) form. Would you mind showing us the actual HTTP response generated your script.php, esp. its body? -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21st century edition / _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists