MSN.com Vulnerable to XSS - Cross Site Scripting

By Yogesh




Description: 
XSS - Cross Site Scripting Vulnerability found in MSN.com.Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with that site.

Screenshot :




Comments

Post a Comment

Popular posts from this blog

PayPal : User Credit Card Information Disclosure

By Yogesh
Image
Okay... So, here is another one old & duplicate bug from PayPall , which I reported looooong back. I have found some strange results of api-3t.sandbox.paypal.com. This sub domain is storing all credit card information of paypal user in URL. Below is the google dork for finding such “stored” CC details. Google Dork: site:sandbox.paypal.com inurl:CVV2= Google results are not much, nearly 80, but still harmful as sensitive user information is getting leaked.
Read more

Quick internet sharing - Laptop to mobile

By Yogesh
Image
Hey all, If you want to share your Laptop internet with your mobile device without using any third party tool & that too in couple of steps, yeah, very quickly ;), then follow the below given steps. Step 1. Open Command Prompt, as an Administrator, Step 2. Enter below given commands. Command 1. netsh wlan set hostednetwork mode=allow ssid=abcd key=10 Digit Key Note : ssid can be any name which will get displayed as wifi network.            Key can be any 10 Digit numbers. For Ex. 0000000000 Command 2. netsh wlan start hostednetwork Step 3. Go to the properties of your Local Area Connection which is connected to the Internet. Then Click on Sharing tab And select the check box under "Internet connection sharing". Now Select the network which we created using commands. [here, abcd ]. Click OK Done ;) Now you can Join the wifi internet from your mobile device.
Read more