Quote:
|
Originally Posted by Kristi
Hense the reason it wasnt that bug, but an XSS one as i explained eariler, its not browser specific =p
|
How very interesting. I suppose that the PHP $_REQUEST array (made up of all values sent by the user - ones sent in the URL, stuff POSTed by a form, and cookie data) was being used in these scripts instead of a specific global dealing with wherever the input should be coming from, allowing for falsified cookie or POSTed values to be passed along in the URL. Or, say, cookie-stealin' JavaScript. But that's just a semi-educated guess.
As I stated previously, corrections and clarifications are always good. Instead of knowing only about the cookie vulnerability which was
actually used, we now know about two! And knowing more is usually better than knowing less.
(However, I'll agree with Loriel's point just because it's dangably valid. Hooray for Firefox!)