Wireshark-bugs: [Wireshark-bugs] [Bug 8704] New: Flash XSS Vulnerability
Date: Tue, 21 May 2013 18:15:06 +0000
Bug ID 8704
Summary Flash XSS Vulnerability
Classification Unclassified
Product Web sites
Version N/A
Hardware Other
OS All
Status UNCONFIRMED
Severity Minor
Priority Low
Component Ask - ask.wireshark.org
Assignee bugzilla-admin@wireshark.org
Reporter wcypierre@gmail.com

Created attachment 10815 [details]
'>"><img src=x _onerror_=alert(0)>

Build Information:

--
Hi,

I have found a Flash based XSS vulnerability that I would like to report about.
I have included the Proof of Concept(PoC) below:

Proof of Concept:
http://ask.wireshark.org/m/default/media/js/ZeroClipboard.swf?id=\%22%29%29}catch%28e%29{}if%28!self.a%29self.a=!alert%28/wcypierre/%29//&width&height


Please patch it as soon as possible.

Regards,
wcypierre


You are receiving this mail because:
  • You are watching all bug changes.