vineri, 2 martie 2012

Tender Knowledge Base Cross Site Scripting

# Exploit Title: Tender Knowledge Base Cross Site Scripting
# Date: 3.03.2012
# Author: Sony
# Software Link: http://tenderapp.com/
# Web Browser : Mozilla Firefox
# Blog : http://st2tea.blogspot.com
# PoC:
http://st2tea.blogspot.com/2012/03/tender-knowledge-base-cross-site.html
..................................................................

Well, we have xss in the Tender Knowledge --> forgot_password.

Demo:

http://support.cloudflare.com/forgot_password


https://help.tenderapp.com/forgot_password

Publicat de Sony la 15:26
Etichete: ,

0 comentarii:

Trimiteți un comentariu

Rețineți: Numai membrii acestui blog pot posta comentarii.