Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability

ID EDB-ID:21576
Type exploitdb
Reporter Matthew Murphy
Modified 2002-06-23T00:00:00


Working Resources BadBlue 1.7 EXT.DLL Cross Site Scripting Vulnerability. CVE-2002-1685. Remote exploit for windows platform


BadBlue is a P2P file sharing application distributed by Working Resources. The ext.dll ISAPI does not sufficiently sanitize input. Because of this, it is possible for a user to create a custom URL containing script code that, when viewed in a browser by another user, will result in the execution of the script code. This could allow for the execution of malicious JavaScript in the context of a trusted site.