minor xss bug in spamcop


Recommended Posts

Hello, I sometimes report spam via SpamAssassin to my submit.foobar[at]spam.spamcop.net address. This is very convenient: SpamCop just mails me back with a link when it has processed the spam and it is ready for me to check. So far so good, but I thought it would be cool to have the spam open in a background tab in my web browser, so when I'm finished doing whatever I've been doing, I can just switch over to that tab, quickly check that it looks okay and click submit.

I wrote this quick procmail recipe that seems to do the job:

# Procmail recipe: every recipe starts with a ":0" line, then conditions, then the action.
:0
# Match the SpamCop autoresponder ("[at]" is the forum's obfuscation of "@"; use the literal "@" in the real recipe).
* ^From: SpamCop AutoResponder <spamcop[at]devnull.spamcop.net>
* ^Subject: SpamCop has accepted 1 email for processing
# Pipe the message through grep, keep only the first report link, and hand it to Opera as a background tab.
| grep --max-count=1 '^http://www.spamcop.net/sc?id=.*$' | \
    xargs opera -display :0 -backgroundpage

Works great. Anyway, while I was testing it to make sure it wasn't going to break, I noticed that the id field is displayed without filtering... a simple XSS bug.

e.g.: click here (don't worry, safe example, it just displays the cookie).

No big deal, but would be cool if that could get fixed :)

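The bug the post describes is a reflected XSS: a query-string value is copied into the page without encoding. The following Node.js example is added here as an illustration and is not code from the forum post or from SpamCop; it shows a vulnerable renderer next to a hardened one (allowlist validation of the id plus HTML output encoding) and a small log-side check a defender might run. The id format in `ID_RE`, the sample URLs and the `renderVulnerable`/`renderHardened` function names are all constructed assumptions, not anything the page states.

```javascript
// Added example: vulnerable vs. hardened rendering of a query-string parameter.
// Not from the original post or from SpamCop; all names and samples are constructed.

// Minimal HTML escaper: the five characters that can break out of text or
// attribute context are replaced with character references.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Extract the "id" parameter from a URL shaped like the one in the SpamCop mail.
// The WHATWG URL parser percent-encodes markup characters in the query and
// searchParams decodes them again, so the raw submitted value comes back.
function getIdParam(url) {
  return new URL(url).searchParams.get("id");
}

// Vulnerable rendering: the id is interpolated into the HTML verbatim,
// so any markup in the parameter becomes markup in the page.
function renderVulnerable(id) {
  return `<p>Report id: ${id}</p>`;
}

// Hardened rendering, step 1: allowlist the expected shape before rendering.
// The id format is an assumption for this example (the page does not state it);
// a real site would use the exact format its ids actually have.
const ID_RE = /^[A-Za-z0-9]{1,64}$/;

function renderHardened(id) {
  if (id === null || !ID_RE.test(id)) {
    return "<p>Invalid report id.</p>";
  }
  // Step 2: encode on output regardless, so that a later relaxation of the
  // allowlist cannot silently reintroduce the injection.
  return `<p>Report id: ${escapeHtml(id)}</p>`;
}

// Log-side detector: does a decoded query value contain characters that an
// opaque id should never carry? Useful for spotting probing in access logs.
function looksLikeMarkup(value) {
  return /[<>"']/.test(value);
}

// Constructed sample inputs: a well-formed id, and one carrying markup.
const SAMPLE_OK = "http://www.spamcop.net/sc?id=z1234567890";
const SAMPLE_BAD = 'http://www.spamcop.net/sc?id=1234"><b>injected</b>';

if (typeof require !== "undefined" && require.main === module) {
  for (const u of [SAMPLE_OK, SAMPLE_BAD]) {
    const id = getIdParam(u);
    console.log("vulnerable:", renderVulnerable(id));
    console.log("hardened:  ", renderHardened(id));
    console.log("flag in logs:", looksLikeMarkup(id));
  }
}
```

Run it with `node xss-demo.js`: the vulnerable renderer emits the `<b>` tag from the second sample as live markup, while the hardened one rejects it at the allowlist and would have encoded it even if it had passed. Validation and output encoding are kept as two separate steps on purpose; either alone closes this particular case, but only the combination stays safe when the accepted id format changes later.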
