
mattmurphy at kc
Sep 15, 2002, 11:18 AM
Altavista BabelFish XSS Hole
Babelfish is Altavista's automated translation tool. It is used by the various "Translate" links on the site and in search results. A malformed translation can result in cross-site scripting. By requesting a translation of HTML, it is possible to execute script code as the AltaVista domain.

Initially, this hole presented a unique challenge -- exploiting the vulnerability so that the JavaScript code would not change, even when applied across two languages. However, Babelfish creates a textarea with the supplied data still intact, so exploitation is much easier. By starting the translation with "</TEXTAREA>", an attacker can cause the original data to be launched as well.

"The reason the mainstream is thought of as a stream is because it is so shallow."
- Author Unknown
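The textarea echo described in the post, shown beside an encoded version, as an added example that is not part of the original post and is not AltaVista's code. The function names, the form markup and the harmless `<b>` probe string are constructed for illustration.

```javascript
// Added example: hypothetical server-side rendering of a translation form.
// All function names and the form markup are assumptions, not BabelFish code.

// Encode the characters that are significant in HTML text and attribute contexts.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Pattern the post describes: submitted text is echoed into the textarea intact.
function renderFormUnsafe(text) {
  return `<form><textarea name="text">${text}</textarea></form>`;
}

// Hardened form: the echoed text is entity-encoded before it reaches the page.
function renderFormSafe(text) {
  return `<form><textarea name="text">${escapeHtml(text)}</textarea></form>`;
}

// Check for tests or review: a textarea ends at the first case-insensitive
// "</textarea" followed by whitespace, "/" or ">". Return whatever markup sits
// between that point and "</form>"; anything non-empty escaped the textarea.
function textareaLeak(html) {
  const open = html.indexOf(">", html.search(/<textarea/i)) + 1;
  const rest = html.slice(open);
  const close = /<\/textarea[\s\/>]/i.exec(rest);
  if (!close) return null; // textarea never closed
  const after = rest.slice(rest.indexOf(">", close.index) + 1);
  const end = after.toLowerCase().indexOf("</form>");
  return end === -1 ? after : after.slice(0, end);
}

// Constructed probe: closes the textarea early, then adds inert bold markup.
const PROBE = '</TEXTAREA><b id="probe">x</b>';

console.log("unsafe leak:", JSON.stringify(textareaLeak(renderFormUnsafe(PROBE))));
console.log("safe leak:  ", JSON.stringify(textareaLeak(renderFormSafe(PROBE))));
```

A non-empty result from `textareaLeak` means the echoed input is being parsed as page markup, which is the condition the post reports.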