Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: a6099.htm

Verity Information Server XSS



6th Apr 2003 [SBWID-6099]
COMMAND

	XSS Bug In Verity Information Server

SYSTEMS AFFECTED

	Verity Information Server

PROBLEM

	Thnaks to decka trash [decka_trash@yahoo.com] :
	
	I Found A Cross Site Scripting Bug  In  Verity  Information  Server  And
	Will Be Executed.
	
	Example:-
	
	Try To Put A Script In A Search Box But Beginning  With  ">  And  Ending
	With <
	
	More Example:-
	
	"><script>alert(document.cookie)</script><  ...And Search For It.
	
	I Have Tested It On Pentagon.gov And Its Work ;p~

SOLUTION

	?


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH