
[Repost] Lycos Free Email Cross-Site Scripting Vulnerability

Source: www.securiteam.com

Summary
Lycos's Free Email service "allows users to have their own web based email account very much like Hotmail". A cross-site scripting vulnerability in Lycos's Free Email service allows an attacker to steal a user's cookie, giving the attacker full access to the victim's Lycos email account. Further, due to a flaw in the way Lycos handles cookies, even if the targeted user changes his password the attacker can still access the account, because the stolen cookie remains valid.

Details
Proof of Concept:
The following URL will trigger the vulnerability in Lycos:
http://ldbreg.lycos.com/cgi-bin/mayaRegister?m_NP=%22%3E%3C script%3Ealert(document.cookie)%3C/script%3EEUSA_LycosMail_Plus&m_RC=32&m_PR=27&
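The advisory describes two separate defects: a registration page that reflects the `m_NP` query parameter into its HTML without encoding, and session cookies that stay valid after the password is changed. The following added example (not code from Lycos or from the SecuriTeam advisory) models both in a few lines of Python: a "before" renderer that reflects the parameter verbatim, a hardened renderer that HTML-escapes it, and a toy session store whose `change_password()` revokes every outstanding token for that user. The sample parameter value, the page layout and the session API are all constructed for illustration.

```python
import html
import secrets
from collections import defaultdict
from typing import Dict, Optional, Set

# Constructed sample input, shaped like the advisory's m_NP parameter:
# the value closes the surrounding attribute and injects markup.
SAMPLE_M_NP = '"><script>alert(document.cookie)</script>EUSA_LycosMail_Plus'


def render_vulnerable(m_np: str) -> str:
    """'Before' form: reflects the query parameter into the page verbatim.
    This mirrors the flaw the advisory describes (hypothetical page layout)."""
    return f'<input type="hidden" name="m_NP" value="{m_np}">'


def render_hardened(m_np: str) -> str:
    """'After' form: HTML-escape the value, including quotes, before it is
    reflected, so it can only ever be attribute text, never markup."""
    return f'<input type="hidden" name="m_NP" value="{html.escape(m_np, quote=True)}">'


class SessionStore:
    """Toy server-side session table (assumption: the real service used
    something else). Tokens are random, are bound to a user, and are all
    revoked when that user's password changes, which is the behaviour the
    advisory says was missing."""

    def __init__(self) -> None:
        self._sessions: Dict[str, str] = {}                 # token -> username
        self._by_user: Dict[str, Set[str]] = defaultdict(set)  # username -> tokens
        self._passwords: Dict[str, str] = {}                # plaintext only for illustration

    def register(self, user: str, password: str) -> None:
        self._passwords[user] = password

    def login(self, user: str, password: str) -> Optional[str]:
        """Return a fresh session token, or None on bad credentials."""
        if self._passwords.get(user) != password:
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        self._by_user[user].add(token)
        return token

    def user_for(self, token: str) -> Optional[str]:
        """Resolve a presented cookie value to a user, or None if revoked/unknown."""
        return self._sessions.get(token)

    def change_password(self, user: str, old: str, new: str) -> bool:
        """Change the password and invalidate every session for the user,
        so a previously stolen cookie no longer grants access."""
        if self._passwords.get(user) != old:
            return False
        self._passwords[user] = new
        for token in self._by_user.pop(user, set()):
            self._sessions.pop(token, None)
        return True


def stolen_cookie_survives_password_change(store: SessionStore) -> bool:
    """Walk through the scenario from the advisory against the given store."""
    store.register("victim", "old-password")
    stolen = store.login("victim", "old-password")   # cookie captured via the XSS
    store.change_password("victim", "old-password", "new-password")
    return store.user_for(stolen) is not None


if __name__ == "__main__":
    print("vulnerable:", render_vulnerable(SAMPLE_M_NP))
    print("hardened:  ", render_hardened(SAMPLE_M_NP))
    print("stolen cookie still valid after password change:",
          stolen_cookie_survives_password_change(SessionStore()))
```

The escaping fix is the same whether the parameter lands in an attribute or in element text, as long as `quote=True` is used so that `"` and `'` are encoded too; the session fix is what turns a cookie theft into a bounded incident, because changing the password actually ends the attacker's access.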
