<<< Date Index >>>     <<< Thread Index >>>

RE: google xss



My BlackICE stops this from XSS from happening, however changing the URL
from a .ae domain to a .com and leaving the rest in tact, I am then
prompted.

http://www.google.com/search?hl=ar&q=<script>alert("1")</script>&meta= 

Ashes

-----Original Message-----
From: almfnod@xxxxxxxxx [mailto:almfnod@xxxxxxxxx] 
Sent: Tuesday, April 04, 2006 2:35 PM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: google xss

http://www.google.ae/search?hl=ar&q=<script>alert("1")</script>&meta=