Firefox JAR Vulnerability Continues — Link to Gmail POC
November 19, 2007Firefox jar: Protocol Vulnerability:
According to pdp, this issue makes vulnerable to Cross-site scripting applications that allow users uploading compressed ZIP, and JAR files. After a couple of minutes messing around the poc’s, I figured out that sites with open redirect issues are vulnerable too. I’ve created this poc that attacks Gmail, it’s based on my [...]
