White House Government Site vulnerable to Persistent XSS


The security researchers Alexander Fuchs (F0x23) and Benjamin Kunz Mejri (Rem0ve) from Vulnerability-Lab discovered a persistent XSS vulnerability in the official White House website (a government site).

This vulnerability allows an attacker to inject malicious code into the web application. Successful exploitation may result in hijacking of user, admin or backend sessions, manipulation of profile content, redirection to malicious sites, and defacement, and can lead to malware infiltration via petition.

Vulnerability Details:
  • Vulnerability: XSS (Persistent)
  • Alert: Critical
  • Status: Fixed (the researcher said it was fixed on 2011-11-04, but the demo page is still active).
  • Website: http://www.whitehouse.gov/
  • Site Category: Government

Vulnerability Demo:
https://wwws.whitehouse.gov/petitions/!/petition/security/WxgwM7DS

XSS Report:
http://vulnerability-lab.com/get_content.php?id=308
