Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reflected XSS in http://owaspbwa/vicnum/ #4

Closed
GoogleCodeExporter opened this issue Oct 12, 2015 · 5 comments
Closed

Reflected XSS in http://owaspbwa/vicnum/ #4

GoogleCodeExporter opened this issue Oct 12, 2015 · 5 comments

Comments

@GoogleCodeExporter
Copy link

There is a reflected XSS issue in the OWASP Vicnum application
http://ip/vicnum/.  On that page, when you enter a name
of "Name<script>alert(123)</script> and press "Play", the script will run
on the next page (http://ip/vicnum/cgi-bin/vicnum1.pl).

Original issue reported on code.google.com by chuck.f....@gmail.com on 25 Oct 2009 at 12:54

@GoogleCodeExporter
Copy link
Author

[deleted comment]

1 similar comment
@GoogleCodeExporter
Copy link
Author

[deleted comment]

@GoogleCodeExporter
Copy link
Author

There is a reflected XSS issue in the OWASP Vicnum application
http://owaspbwa/vicnum/  On that page, when you enter a name
of "Name<script>alert(123)</script>" and press "Play", the script will run
on the next page (http://owaspbwa/vicnum/cgi-bin/vicnum1.pl.

Example URL:
http://owaspbwa/vicnum/cgi-bin/vicnum1.pl?player=foo<script>alert(1)</script>

Original comment by chuck.f....@gmail.com on 10 Nov 2009 at 3:26

@GoogleCodeExporter
Copy link
Author

Original comment by chuck.f....@gmail.com on 20 Jan 2010 at 4:25

  • Added labels: Type-KV
  • Removed labels: Known-Vulnerability

@GoogleCodeExporter
Copy link
Author

Original comment by chuck.f....@gmail.com on 20 Jan 2010 at 4:28

  • Changed state: Duplicate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant