- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23423
- Проверка EDB
-
- Пройдено
- Автор
- ZAP THE DINGBAT
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2003-1025
- Дата публикации
- 2003-12-09
Код:
source: https://www.securityfocus.com/bid/9182/info
A weakness has been reported in multiple browsers that may allow attackers to obfuscate the URI for a visited page. The problem is said to occur when a URI designed to pass access a specific location with a supplied username, contains a hexadecimal 1 value prior to the @ symbol.
An attacker could exploit this issue by supplying a malicious URI pointing to a page designed to mimic that of a trusted site, and tricking a victim who follows a link into believing they are actually at the trusted location.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23423.zip- Источник
- www.exploit-db.com
