Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)
-   Forum for discussion of ANTICHAT (https://forum.antichat.xyz/forumdisplay.php?f=72)
-   -   Google Urchin password theft madness (https://forum.antichat.xyz/showthread.php?t=49781)

Fugitif 24.09.2007 23:50
Google Urchin password theft madness
 
Цитата:
There is a trivially exploitable XSS vul on Google Urchin Web Analytics
5's login page. The vulnerability has been tested on versions 5.6.00r2,
v5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely
to be affected as well.

I know that you're sick of XSS PoCs that only open alert boxes. So I
crafted a exploit URL that will steal the victim's username and password
by simply clicking on it:
http://www.gnucitizen.org/blog/googl...-theft-madness


Время: 12:51