Posted by Joey Maresca on Feb 25

According to Cisco it is CVE-2014-2120, which indicates that much like the
code sort of gave away, it is a bad attempt by a 1337 hax0r to push their
crappy ‘exploitpack.com’ instead of you know, finding anything useful.
Indeed it is a damn XSS with minimal utility. The crappy code is just the
icing on the cake that only tastes better when you realize he is over a
year late on his ‘0-Day’.

In fact, his code is so crappy it…