From: http://smcv.pseudorandom.co.uk/ Date: Mon, 30 Mar 2015 10:55:39 +0000 (-0400) Subject: rename bugs/XSS_Alert...__33____33____33__.html to bugs/XSS_Alert...__33____33____33_... X-Git-Tag: 3.20150610~125 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/c68c044d8743d83ae5a845a2c800a3b03a7d7350?hp=3ca8255a11b2769fb6193cae9962370f4dba6397 rename bugs/XSS_Alert...__33____33____33__.html to bugs/XSS_Alert...__33____33____33__.mdwn --- diff --git a/doc/bugs/XSS_Alert...__33____33____33__.html b/doc/bugs/XSS_Alert...__33____33____33__.html deleted file mode 100644 index 436e3faae..000000000 --- a/doc/bugs/XSS_Alert...__33____33____33__.html +++ /dev/null @@ -1,29 +0,0 @@ -Respected Sir, -Your website "webconverger.org" is vulnerable to XSS Attack. - -Vulnerable Links: -webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1 - -How To Reproduce The Vulnerability : -1. Go to this link : webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1 -2. refresh the page and intercept the http request using "brup suite" then at parameter "openid_identifier=" put xss payload -3. forward the request - -XSS Payload : -1. "> -2. "> -3. "> - -NOTE : Proof of concept is attached. - - -Thank You...!! - - -Your Faithfully, -Raghav Bisht -raghav007bisht@gmail.com - -> Thanks Raghav for reporting this issue. I've fixed it in ikiwiki. -> -> --[[Joey]] diff --git a/doc/bugs/XSS_Alert...__33____33____33__.mdwn b/doc/bugs/XSS_Alert...__33____33____33__.mdwn new file mode 100644 index 000000000..436e3faae --- /dev/null +++ b/doc/bugs/XSS_Alert...__33____33____33__.mdwn 
@@ -0,0 +1,29 @@ +Respected Sir, +Your website "webconverger.org" is vulnerable to XSS Attack. + +Vulnerable Links: +webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1 + +How To Reproduce The Vulnerability : +1. Go to this link : webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1 +2. refresh the page and intercept the http request using "brup suite" then at parameter "openid_identifier=" put xss payload +3. forward the request + +XSS Payload : +1. "> +2. "> +3. "> + +NOTE : Proof of concept is attached. + + +Thank You...!! + + +Your Faithfully, +Raghav Bisht +raghav007bisht@gmail.com + +> Thanks Raghav for reporting this issue. I've fixed it in ikiwiki. +> +> --[[Joey]]
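Review bot: The three entries under "XSS Payload :" in the new `.mdwn` file are left as ordinary body text, and the rename changes how they are processed. Markdown passes inline HTML through to the rendered page, so lines that begin with `">` should be indented four spaces or wrapped in backticks so the report displays them literally instead of depending on whatever sanitising runs afterwards. The same applies to the two URL lines containing `&do=signin&openid_identifier=1`. The blob id is `436e3faae` on both sides, so the content was moved byte for byte with no such adjustment. The commit message also only restates the rename; one line saying why the page moves from `.html` to `.mdwn` would help later readers.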