[Full-disclosure] [x0n3-h4ck.org] PayPal vulnerable to XSS

Jason jason at strangelogic.co.uk
Mon Nov 6 23:17:48 GMT 2006


> That's not exploitable. Remember that the "XS" in XSS stands for
> "cross-site": you have to be able to trigger the scripting using
> ordinary requests from another site. To generate this cookie, you'd
> need to already have scripting access to the paypal.com domain - in
> which case you don't care anymore.

Or you can use Flash to generate the raw headers you want to send.

Visitor -> attacker site with flash -> PayPal site

Visitor = exploited


-- 
  --
Jason Duke              | Strange Logic
Tel: +44 (0)20 8598 2280| jason at strangelogic.com
        http://www.StrangeLogic.com
            The Search Engines
       We Find Them Strangely Logical






Full-Disclosure is hosted and sponsored by Secunia.