Search This Blog

Powered by Blogger.

Blog Archive

Labels

TeamHav0k exposed the Vulnerability in Gov and .edu sites : #OP XSS 2.0

The Hacker group TeamHav0k who found XSS vulnerabilities in high profile sites(EA, imageshack, NYTimes,..), initiated the operation called #OPXSS2.0. Apart from high profile sites, they focused on Government(.Gov) and education institute(.edu) websites in this operation.

Hackers managed to find the Reflected XSS Vulnerability in the following Government sites:  Official web site of the State of Rhode Island, OurDocuments.gov, Library of Congress,Virginia Employment Commission, Feds Hire Vets and The Nation's Report Card.

Also they found xss vulnerability in education sites:Rochester Institute of Technology(RIT),Arizona State University(ASU),Polytechnic Institute of New York University,Michigan State University(MSU),Aurora University, Berkeley University , DeVry University ,University of Hawaii System .
In addition to education and govt sites ,they also discovered vulnerability in some high profile sites.  Hackers revealed the vulnerability in the free web hosting rating site "free-webhosts.com" and Turner Broadcasting Systems (TBS).

The proof of concept and vulnerable link can be found the in the pastebin release: http://pastebin.com/yCH4x44J

Share it:

Breaking News

TeamHav0k

Vulnerability

Web Application Vulnerability

XSS Vulnerability