####################################################################### Application: SnapStream PVS Vendor : http://www.snapstream.com Versions: LITE Platforms: Windows/Unix Bug: Cross Site Scripting Vulnerabillity Risk: Low Exploitation: Remote with browser Date: 6 Jan 2004 Author: Rafel Ivgi, The-Insider e-mail: the_insider@mail.com web: http://theinsider.deep-ice.com ####################################################################### 1) Introduction 2) Bug 3) The Code ####################################################################### =============== 1) Introduction =============== SnapStream PVS is a Personal Video Station software. It allows the user to remotely schedule recordings and playing of Tv shows using video tapes and cable TV. ####################################################################### ====== 2) Bug ====== When the webserver hosting SnapStream PVS LITE recieves a 'GET /?<script>alert('XSS')</script>' its ignores it, the data gets filtered as it should. But when it recieves a 'GET /?"><script>alert('XSS')</script>' the filters are bypassed and XSS appears and the server allows an attacker to inject & execute scripts. ####################################################################### =========== 3) The Code =========== http://<host>/?"><script>alert('XSS')</script> ####################################################################### --- Rafel Ivgi, The-Insider http://theinsider.deep-ice.com "Things that are unlikeable, are NOT impossible."
