Labels



Load More

 Trendy Right Now

Home Interactive YouTube API Demo Beta Vulnerable to XSS(Cross Site Scripting)

Vulnerability Web Application Vulnerability XSS Vulnerability Youtube Hacks

Interactive YouTube API Demo Beta Vulnerable to XSS(Cross Site Scripting)

Monday, October 24, 2011

Some white hat hacker named as "Vansh Sharma" discovered the XSS vulnerability in Interactive YouTube API Demo Beta .

The keyword field is vulnerable to XSS .

Proof:

Open http://gdata.youtube.com/
Enter script
<img src="<img src=search"/onerror=alert("xss")//">
in the keyword area.
Press ADD

Vulnerability Status:

Type: XSS
organization: Youtube.com
Status: UnFixed