Pligg Suffers from a Reflective Cross Site Scripting vulnerability in index.php. Forthe $_GET['category'] variable. Exploit code was written that uses this flaw tobypass the CSRF protection to then vote on any pligg article of the attackerschoosing. I took inspiration from the Myspace Sammy worm utilizing XMLHttpRequest() to read the randomly generated token protection requests from forgery. This is amore serious attack when combined with my Captcha Implementation Bypass(http://www.rooksecurity.com/blog/?p=17) which allows an attacker to create new useraccounts.