Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[Full-disclosure] CVE-2007-3693: Cross site scripting and information disclosure in gobi/helma

[Full-disclosure] Calyptix Security Advisory CX-2007-05 - eSoft InstaGate EX2 Cross-Site Request Forgery Attack

Dotclear remote script execution

Powered By Dvbbs Version 7.1.0 Sp1 By Pass

From:	Susam Pal <susam_(at)_susam.in>
Date:	12.07.2007
Subject:	[Full-disclosure] HomestayFinder XSS Vulnerability in Wikipedia Mirror

There is an XSS vulnerability in HomestayFinder's 'Dictionary.aspx'
script which is responsible for mirroring the content of Wikipedia. I
found this interesting because here a script injected in one website
exploits an XSS vulnerability in another website.

I am including only a short example to demonstrate the issue. The
complete document is available at:-
http://susam.in/security/advisory-2007-07-11.txt

http://en.wikipedia.org/wiki/User:Susam_pal/Sandbox consists of the
following as the source wiki markup:

  <script>alert('XSS Demo')</script>

http://www.homestayfinder.com/Dictionary.aspx?q=User:Susam_pal/Sandbox
consists of the same code as HTML without the special characters encoded
as HTML entities. Hence, the script is executed on the browser of the
visitor.

Contact Information:-
Susam Pal
susam@susam.in
http://susam.in/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/