Archive for March, 2011

Alexandrea University: Faculty of Commerce.. vulnerable to XSS

Posted in XSS with tags , , , on March 13, 2011 by Xacker

Hi again,

The Faculty of Commerce at Alexandrea university is found vulnerable to XSS attacks.

An attacker could easily lure the victim into clicking a malicious URL that could be used to display malicious or possibly incorrect content on the web page.

Although the form specifies POST requests instead of GET in the source-code, the ASP web page is coded to handle both, perhaps, with POST preferred over GET if provided.



Happy exploiting.