A particular class of attacks commonly referred to as “code insertion” and often “Cross-Site Scripting” has become increasingly popular. Yesterday we reported about Cross site scripting bug Paypal andApple.
Hacker from Inj3ct0r Team reported a XSS Cross site scripting Vulnerability on MSN.comwebsite. Vulnerability exist of a subdomain of MSN at http://news.de.msn.com/. Details posted in anadvisory. Cross site scripting occurs when a web application gathers malicious data from a user.
Hackers said that, "The goal is to close the capabilities gap between the cyber-criminals and white hats, by enabling defenders to perform more comprehensive testing of their defenses."
According to report, this XSS is working perfectly with Internet Explorer and Opera web browser, Proof of Concept URL's are posted in advisory and Image as shown.
Hacker from Inj3ct0r Team reported a XSS Cross site scripting Vulnerability on MSN.comwebsite. Vulnerability exist of a subdomain of MSN at http://news.de.msn.com/. Details posted in anadvisory. Cross site scripting occurs when a web application gathers malicious data from a user.
Hackers said that, "The goal is to close the capabilities gap between the cyber-criminals and white hats, by enabling defenders to perform more comprehensive testing of their defenses."
According to report, this XSS is working perfectly with Internet Explorer and Opera web browser, Proof of Concept URL's are posted in advisory and Image as shown.
0 comments: