Palm.com - XSS vulnerability ----------------------------------------------
Type: Cross site scripting Date: June, 13th 2006 ---------------------------------------------- Credits: ---------------------------------------------- Discovered by: David "Aesthetico" Vieira-Kurz http://www.majorsecurity.de ---------------------------------------------- Vulnerability: ---------------------------------------------- I found a bug in the searchField of the official Palm store("http://store.palm.com/";). Input passed to the "keywords" parameter in "index.jsp" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Sending a malicious code will result a code working on the page that pops up... /searchHandler/index.jsp?keywords=[XSS CODE HERE] Examples: ---------------------------------------------- /searchHandler/index.jsp?keywords=<script>alert("MajorSecurity")</script> /searchHandler/index.jsp?keywords=3Cscript%3Ealert(document.cookie)%3C/script%3E
