IpLogger <= 1.7 XSS Discovered by: Nomenumbra Date: 21/5/2006 impact:moderate (potential privilege escalation,possible defacement) tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a user's useragent. It is possible to construct a useragent containing javascript, thus being displayed to the user once he check's the logs. Nomenumbra