Windows Live Spaces logged user NetworkSetup.aspx cross site scripting

To: bugtraq@securityfocus.com
Subject: Windows Live Spaces logged user NetworkSetup.aspx cross site scripting
From: paolo.difebbo@gmail.com
Date: 29 Mar 2007 13:12:20 -0000
Windows Live Spaces has a reflected cross-site scripting (XSS) vulnerability in the NetworkSetup.aspx page.

The vulnerability affects every Windows Live Space, but the injected script only runs for logged-in users.

Because the script executes in the logged-in user's session, it can read that user's cookies, and with those an attacker gains access to the blog's admin panel, where the user's options and data, MSN Messenger nickname, personal image and other information can be edited.

Proof of concept (the cfs query parameter is reflected into the page without encoding, so `">` closes the attribute and tag it lands in):
http://bug.spaces.live.com/NetworkSetup.aspx?dp=1&cfs=%22%3E%3Cscript%3Ealert(%22XSS%22);%3C/script%3E

Credits: Paolo Di Febbo
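
The following is an added example, not part of the original advisory: it decodes the cfs parameter from the PoC URL above, reflects it into a hidden input the way an unescaped ASP.NET template would, and then renders the same value with HTML attribute encoding. The hidden-input template is an assumption about where NetworkSetup.aspx reflects cfs; the advisory only shows that the `">` prefix of the payload breaks out of a quoted attribute.

```javascript
// Added example (not from the advisory): decode the PoC's cfs parameter and
// compare an unescaped reflection with an attribute-encoded one.
// ASSUMPTION: the hidden-input template below stands in for wherever
// NetworkSetup.aspx actually reflects cfs; the real markup is not on the page.
const POC_URL =
  "http://bug.spaces.live.com/NetworkSetup.aspx?dp=1&cfs=%22%3E%3Cscript%3Ealert(%22XSS%22);%3C/script%3E";

// Pull the cfs value out of the query string, percent-decoded as the server sees it.
function extractCfs(url) {
  return new URL(url).searchParams.get("cfs");
}

// HTML attribute encoding: neutralises the five characters that can terminate a
// quoted attribute value or open a new tag.
function encodeAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Hypothetical vulnerable template: cfs interpolated into a quoted attribute as-is.
function renderVulnerable(cfs) {
  return `<input type="hidden" name="cfs" value="${cfs}">`;
}

// Hardened template: identical markup, attribute-encoded value.
function renderSafe(cfs) {
  return `<input type="hidden" name="cfs" value="${encodeAttr(cfs)}">`;
}

// Crude check used to compare the two renderings: count opening <script tags.
function countScriptTags(html) {
  return (html.match(/<script\b/gi) || []).length;
}

const payload = extractCfs(POC_URL);
console.log(payload); // "><script>alert("XSS");</script>
console.log(renderVulnerable(payload), "script tags:", countScriptTags(renderVulnerable(payload))); // 1
console.log(renderSafe(payload), "script tags:", countScriptTags(renderSafe(payload)));             // 0
```

The encoded rendering keeps the payload inside the attribute value, so the browser never sees a `<script>` element; the unescaped rendering emits one, which is exactly what the PoC's alert demonstrates in a logged-in session.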
