Godaddy´s Workspace 5.3 XSS
Explanation:
The _javascript_ for special caracter filtering provided in email13.secureserver.net can be use to create a XSS attack, if we edit the
content of an email and put <iframe
src=""XSS");"></iframe> this will be filtered
and scramble, making the XSS impossible, BUT, if we write <iframe
src=""></iframe> we
will bypass the XSS filter.
by Elvenking
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
