source: https://www.securityfocus.com/bid/8904/info
It has been reported that Symantec Norton Internet Security is prone to a cross-site scripting vulnerability. The issue is reported to exist when the software blocks a restricted website and returns an error message containing the requested URL to the user. The URL is not sanitized for malicious input, allowing a remote attacker to execute HTML or script code in the browser of a user running the vulnerable software. The script code would run in the context of the blocked site.
Successful exploitation of this issue may allow an attacker to steal cookie-based authentication information that could be used to launch further attacks.
Norton Internet Security 2003 v6.0.4.34 has been reported to be prone to this issue; however, other versions may be affected as well.
http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT>
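
The flaw described above, shown as an added example that is not Symantec's code or part of the original advisory: a block page that echoes the requested URL unencoded, beside a version that HTML-encodes it, with a parser-based check of which elements each page produces. The template text and all function names are hypothetical; the input is the example URL given above.

```python
import html
from html.parser import HTMLParser

# The example URL from the advisory, used as the blocked request.
BLOCKED_URL = "http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT>"

# Hypothetical block-page template (the product's real markup is not on this page).
TEMPLATE = ("<html><body><h1>Site blocked</h1>"
            "<p>Access to {url} is restricted.</p></body></html>")
EXPECTED_TAGS = {"html", "body", "h1", "p"}


def render_block_page_unsafe(url):
    """Flawed pattern: the requested URL is copied into the markup as-is."""
    return TEMPLATE.format(url=url)


def render_block_page_safe(url):
    """Hardened: encode &, <, >, and quotes so the URL renders as text only."""
    return TEMPLATE.format(url=html.escape(url, quote=True))


class TagCollector(HTMLParser):
    """Records each element an HTML parser would create from the page."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def elements_in(page):
    collector = TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


def has_injected_markup(page):
    """True if the page contains any element the template itself does not define."""
    return any(tag not in EXPECTED_TAGS for tag in elements_in(page))


if __name__ == "__main__":
    for name, render in (("unsafe", render_block_page_unsafe),
                         ("safe", render_block_page_safe)):
        page = render(BLOCKED_URL)
        print(name, elements_in(page), "injected:", has_injected_markup(page))
```

The same element check can serve as a regression test for any error or block page that reflects request data.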