HC's Capture the Flag website
CTF Contests
25C3-CTF
25C3-CTF final results
Advisory #40
From team nosec/!eof
New advisory by : Silicium
Affected service(s): cgibas
Severity [lmh] : medium
===== Problem =====
The upload.bas allows to xss javascript.
===== Impact =====
Run Scrips on Client Systems, Steal Cookies...
===== Fix =====
Filter some html taggins with Basic StringUtils
Rating
[0] too unspecific fix