|
|
| Author |
Message |
Dragonelf
Group: Retired Moderators
Joined: 11 Mar 2009
Donor: 
Posts: 4586
Gold: 58.70
Clan: Legends
Status:
Warn: 
Reputation: 154
|
 #1 Posted: 13 Oct 2011 06:51 am Post subject: Dangerous xss profile in the namefield of character |
 |
|
http://www.d3jsp.org/profile.php?mode=viewprofile&u=7149
xss in the name field of the character
could be used to redirect people to another webpage, read their cookies and redirect them back here
they wouldnt even notice you got their cookies
with their cookies you can log in their account and do whatever you want |
|
| Back to top |
|
 |
|
|
Hentai
Group: Scammer
Joined: 25 Sep 2011
Posts: 181
Gold: Locked
Status:
Warn:
Reputation: 17
|
| #2 Posted: 13 Oct 2011 06:28 pm Post subject: |
|
|
i dont understand
is this a keylogger then? cuz i clicked it like 5 times
Last edited by Hentai on 13 Oct 2011 06:28 pm; edited 1 time in total |
|
| Back to top |
|
|
Dragonelf
Group: Retired Moderators
Joined: 11 Mar 2009
Donor:
Posts: 4586
Gold: 58.70
Clan: Legends
Status:
Warn:
Reputation: 154
|
| #3 Posted: 13 Oct 2011 07:27 pm Post subject: |
|
|
it could be changed to a "keylogger"
(keyogger is not the rigt description, it would be more accounstealing/cookiestealing) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
|
D3jsp is proudly powered by phpBB © 2.0
Theme and Forum by tramway |
RPG
Arcade
FAQ/Rules
Search
Memberlist
Usergroups
Live Chat
Log in
Register
