Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts

[Pro] Whats Kind/type Of This Bug?

Started by YPY , Jun 29 2012 05:43 AM

Please log in to reply

No replies to this topic

#1 YPY

Private

Members
1 posts

Posted 29 June 2012 - 05:43 AM

Hi,

This request is sent to the victim through the TRACE method:

TRACE / HTTP/1.1
Cookie: _VictimCookieName=str<script>alert("TEST!");</script>str
Host: Victim.Domain
Connection: Keep-alive
Accept-Encoding: gzip,deflate
Accept: */*

And the Response comes from the Victim: a alert window TEST!
So, whats Kind/type Of this bug?
Thanks for advance.

Back to Beginners Section