|
IpLogger <= 1.7 XSS=0D
=0D
Discovered by: Nomenumbra=0D
Date: 21/5/2006=0D
impact:moderate (potential privilege escalation,possible defacement)=0D
=0D
tjthedj's IpLogger (http://tjthedj.us/projects/iplogger/) suffers from XSS in a user's useragent.=0D
It is possible to construct a useragent containing javascript, thus=0D
being displayed to the user once he check's the logs.=0D
=0D
Nomenumbra