XSS in Web Wiz Forums

2006-09-04T00:00:00
ID SECURITYVULNS:DOC:14129
Type securityvulns
Reporter Securityvulns
Modified 2006-09-04T00:00:00

Description

=info= Little filter evasion of Web Wiz Forums filters. The vuln lies in the avatar from url. =exploit= You have to post "><img src="java scri pt:ale rt('xss')"> after the url. =handicap= It is not that serious because the field takes only 95 chars and it works only for IE and Opera.Firefox survived it. ======= by fak3