AOH :: HP Unsorted T :: B06-2709.HTM

Timberland search xss vulnerability



Timberland Search XSS Vulnerability
Timberland Search XSS Vulnerability



There's a vulnerability in Timberland's search engine.

The variable 'keywords' in searchHandler/index.jsp is not correctly sanitized.

URL:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=[XSS Code]

Example:
hxxp://www.timberland.com/searchHandler/index.jsp?keywords=

Author: O.G.

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.