vineri, 17 februarie 2012

Wiki Spot Cross Site Scripting

# Exploit Title: Wiki Spot Cross Site Scripting
# Date: 18.02.2012
# Author: Sony
# Software Link: http://wikispot.org/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/02/wiki-spot-cross-site-scripting.html
..................................................................

Simple.

1.

https://wikispot.org/User_Settings

Put our xss code in the Email address: (recover password) and press button "mail me my account data".



2.

https://wikispot.org/User_Settings


General Settings-->Personal CSS URL-->put our xss code and press button "save".


Publicat de Sony la 23:05
Etichete: ,

0 comentarii:

Trimiteți un comentariu

Rețineți: Numai membrii acestui blog pot posta comentarii.