Hi! It is possible to make an XSS injection in the netadmin service provided at https://dreamhack.netadmin.se/ on, at least, the title header.
For this just set the nick as the script to inject and there you go, it will be copied literally on the title and may also be copied on the achievements. http://i.imgur.com/w4fvg.png is a pic which shows the attack in action. Klondike
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
