NatterChat 1.12 txtUsername and txtRoomName XSS

2008.11.21

Credit: bug squash

Risk: Low

Local: No

Remote: No

CVE: N/A

CWE: CWE-79

IN THE NAME OF:
( ( (
( ( ( ) )) ) ( ) )
( )( ) ( ) (()/(()/(( )(()/(
)((_)((_))((_) /(_))(_))((_)/(_))
((_)_(_)_((_)_ (_))(_))((_)_(_))
| _ ) _ )/ _ | _ _ _|| _ ) __|
| _ _ (_) | | /| | | _ __
|___/___/___ |_|____||___/___/
[&#187;] Author: [ G4N0K the Tard ]
NatterChat 1.12 txtUsername and txtRoomName XSS
Register new user with on register.asp with
"<script>alert(document.cookie)</script>" as the username (txtUsername
post parameter).
Create new chatroom with "<script>alert(document.cookie)</script>" as
the room name (txtRoomName post parameter)
demo:
http://www.natterchat.co.uk/version112/home.asp
===[ Greetz ]===
[&#187;] BBQ RIBS
[&#187;] Fat Back Mac and the BBQ Gang
[&#187;] Tyler Trioxide
[&#187;] XoRLu
[&#187;] HUSSAIN-Z
//Are ya looking for something that has plenty of BUGz...!? I know
it... It's a old plate of BBQ in the corner of G4N0K's hut [:-)
//BBQ RIBS,forgimme...

References:

http://seclists.org/fulldisclosure/2008/Nov/0460.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

NatterChat 1.12 txtUsername and txtRoomName XSS

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.