Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows Net Apps :: win5596.htm

MSN Groups makes cross site scripting easy
5th Aug 2002 [SBWID-5596]

	MSN Groups makes cross site scripting easy


	Versions till 28.Jun.2002 this exploit still works


	Obscure                       of             
	[] says :

	My Groups is a list of links  to  all  the  MSN  groups  that  you  have
	created,joined, or marked as interesting places  to  visit  again.  When
	you are signed in with your Microsoft  .NET  Passport,  your  My  Groups
	list can be viewed:

	o On the MSN People & Chat page.

	o On the MSN Groups home page.

	o When you click My Groups near the upper-left corner of any MSN

	Groups page.


	Groups that you join or  create  are  automatically  added  to  your  My
	Groups list. You can also add groups you like to visit by  clicking  Add
	to Groups I Visit on the What's New page of the group. allows any member to upload any file and share them  with
	others. This means that malicious  users  can  upload  files  which  can
	contain Active Content such as JavaScript and VBScript.  Some  of  these
	file types include:


	o SWF

	- maybe a lot more file types.



	Exploit Examples :


	Before accessing this page you will be asked to authenticate. I  put  up
	2 examples:


	c00kie.swf (check out for more info)


	Both of these examples popup an alert with the cookie data.

	You may also link  to  these  from  Hotmail  by  sending  an  e-mail  as
	demonstrated on "Demo 3":




TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH