Thursday, June 23, 2005

CROSS-SITE SCRIPTING: Penetration Test Report paper

Severity: Medium
An attacker can take advantage of numerous input fields in the application
in order to mislead an innocent customer entering the site into giving away
information, or to use that customer's session as a tunnel for future purchases
made on his behalf. Input fields include the comments area, the search page, and
the new user signup form.
The first cross-site scripting attack is based on a malicious user
embedding malicious code (in the form of JavaScript or VBScript) in the
search field of the search.asp page. Because the search term is reflected in
the results page, the attacker can send a mail to any user asking him to view a
list of search results. If the innocent user surfs to this linked page, the
code injected by the attacker is returned to him in the response and executed
in his browser. This can result, for instance, in the user's session cookie
being sent to the attacker, which will enable the attacker to act on the
user's behalf without his knowledge.
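The reflection flaw described above, as an added example that is not part of the report or the application it assesses: a Python stand-in for search.asp renders the search term either unescaped (the vulnerable pattern) or HTML-escaped (the fix), a small check shows how a tester can tell the two apart from the response alone, and a session cookie helper applies the HttpOnly flag that keeps script from reading the cookie even if some other reflection is missed. The parameter name `q`, the host name and the cookie name are assumptions; the sample query is a harmless constructed probe.

```python
import html
from urllib.parse import parse_qs, urlparse


def query_from_url(url: str) -> str:
    """Extract the search term from a search.asp link of the kind an attacker
    would mail to a victim (parameter name 'q' is an assumption)."""
    params = parse_qs(urlparse(url).query)
    return params.get("q", [""])[0]


def render_results_unsafe(query: str) -> str:
    """Vulnerable pattern: the untrusted search term is echoed straight into
    the HTML of the results page, so any markup in it becomes live markup."""
    return f"<h1>Results for: {query}</h1>"


def render_results_safe(query: str) -> str:
    """Hardened pattern: HTML-escape the term before reflecting it, so the
    browser shows '<', '>' and quotes as text instead of interpreting them."""
    return f"<h1>Results for: {html.escape(query, quote=True)}</h1>"


def reflects_unescaped(page: str, query: str) -> bool:
    """Tester's check: the response reflects the input verbatim even though
    the input contains characters that are significant in HTML."""
    has_markup_chars = any(c in query for c in "<>\"'")
    return has_markup_chars and query in page


def session_cookie_header(value: str) -> str:
    """Set-Cookie line for the session cookie with HttpOnly (cookie is not
    exposed to script) and Secure (sent only over HTTPS).
    Cookie name 'session' is an assumption."""
    return f"Set-Cookie: session={value}; HttpOnly; Secure; Path=/"


if __name__ == "__main__":
    # Constructed sample link: the probe '<i>x</i>' is URL-encoded in 'q'.
    link = "https://shop.example.test/search.asp?q=%3Ci%3Ex%3C%2Fi%3E"
    q = query_from_url(link)
    print("unsafe :", render_results_unsafe(q),
          "reflects unescaped:", reflects_unescaped(render_results_unsafe(q), q))
    print("safe   :", render_results_safe(q),
          "reflects unescaped:", reflects_unescaped(render_results_safe(q), q))
    print(session_cookie_header("opaque-session-id"))
```

The check in `reflects_unescaped` is deliberately simple: it flags a page that echoes input containing HTML-significant characters byte-for-byte, which is exactly the condition the search page exhibits; the escaped version never satisfies it because every `<`, `>` and quote has been replaced by an entity.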
