XSS vulnerability in gotoquiz

Thread Topic: XSS vulnerability in gotoquiz

Jeeshan
Joined: Aug 9, '15
Status: Hot Shot
XXX vulneribility in gotoquiz*
The Geek
Joined: Mar 15, '12
Status: Expert
no ur gay
Le1F
Joined: Jun 4, '15
Status: Advanced
WolfLove
Joined: Apr 23, '12
Status: Hot Shot
aw fuq u got me
The Geek
Joined: Mar 15, '12
Status: Expert
haha rekt
GTQ Guy
Joined: Apr 17, '09
Status: Advanced
[no urls]

example there, pretty sure there are other places this would work
What is the example?

the cookie system is also pretty week
Working on this.
Magie Magic
Joined: Jul 19, '16
Status: Senior
Hey GTQ Guy, May I ask a question? Why are you so non active on your own site?
GTQ Guy
Joined: Apr 17, '09
Status: Advanced
That's a good question. I definitely fell behind on keeping up with the users here. I'm still working on the site, preparing a big update to come soon.
Magie Magic
Joined: Jul 19, '16
Status: Senior
A big update? Cool! I look forward to seeing it!
The Geek
Joined: Mar 15, '12
Status: Expert
The example is at


Pretty simple, mouse over and it auto logs you in to another account by modifying your cookies.
Magie Magic
Joined: Jul 19, '16
Status: Senior
So anyone can just randomly log into my account because of the link you posted?
GTQ Guy
Joined: Apr 17, '09
Status: Advanced
Fixed.

Well that was some shoddy coding on my part. Thanks for the heads up.
The Geek
Joined: Mar 15, '12
Status: Expert
Not as bad, but I found a further exploit of it where if a new line is in the url the redirect header will fail, forcing people to use a link which is vulnerable.

"
onmouseover="
alert(document.cookie)
The Geek
Joined: Mar 15, '12
Status: Expert
Also, think that can be combined with a logout url somehow (not tested yet)
GTQ Guy
Joined: Apr 17, '09
Status: Advanced
I'm surprised I don't have validation on the URL formatting. Shame on me!