Grey hat hackers group "TeamHav0k" have found cross site scripting vulnerabilities in high profile sites such as GEICO, Shockwave, Register.go.com and Gamefly.com. They published the vulnerability details pastebin.
The Government Employees Insurance Company (GEICO ) is an auto insurance company. It is a wholly owned subsidiary of Berkshire Hathaway that as of 2007 provided coverage for more than 10 million motor vehicles owned by more than 9 million policy holders. The search link in the GEICO is vulnerable to XSS attack.
Poc:
http://www.geico.com/search/?term=HIII"+AUTOFOCUS+onfocus=alert("xss")>&x=0&y=0
Shockwave.com offers the best puzzle games, cooking games, dress up games, car racing games, and more.
Poc:
http://www.shockwave.com/online/all-games.jsp?filter=online&col=releaseDate&dir=desc"><script>alert(String.fromCharCode(34, 69, 114, 114, 111, 114, 34))</script>
some other Register, a site that deals with Internet Information Services (IIS), and Gamefly, a gaming vendor, were all found to xss vulnerabilities.
The Government Employees Insurance Company (GEICO ) is an auto insurance company. It is a wholly owned subsidiary of Berkshire Hathaway that as of 2007 provided coverage for more than 10 million motor vehicles owned by more than 9 million policy holders. The search link in the GEICO is vulnerable to XSS attack.
Poc:
http://www.geico.com/search/?term=HIII"+AUTOFOCUS+onfocus=alert("xss")>&x=0&y=0
Shockwave.com offers the best puzzle games, cooking games, dress up games, car racing games, and more.
Poc:
http://www.shockwave.com/online/all-games.jsp?filter=online&col=releaseDate&dir=desc"><script>alert(String.fromCharCode(34, 69, 114, 114, 111, 114, 34))</script>
some other Register, a site that deals with Internet Information Services (IIS), and Gamefly, a gaming vendor, were all found to xss vulnerabilities.
"Here's another list of XSS, admins of these sites please install good XSS filters because someone may use these for their own gain, yes they are non-persistent..." Hackers said.
Hacker explained the risk of this vulnerability "But if the attack has the proper knowledge of XSS (which it seems very few people have and web-admins are oblivious to) they can easily with a little Social engineering do a full OS compromise and from there open a backdoor to the victims computer."