Search This Blog

Powered by Blogger.

Blog Archive

Labels

About Me

Cross Site Scripting vulnerability found in Radikal.ru

Grey Hat hacker "Sony" has discovered Cross site scripting(XSS) vulnerability in Radikal.ru.  Radikal.ru is one of Russia's largest image hosting service that allows you to quickly publish photos on the various chat rooms, message boards, blogs and online forums.

He found XSS vulnerability in multiple pages.

Here is one of the vulnerable link:

http://www.radikal.ru/GALLERY/PageGallery.aspx?pg=258&period=022008%22%22%3E%3Cscript%3Ealert%28%22Radikal.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E&id_gallery=-1

Screenshot

In order to see other vulnerability, you have to login into the website. The vulnerability resides in Edit pics,etc.
Share it:

Vulnerability

Web Application Vulnerability

XSS Vulnerability

No Related Post Found

Also Read

Cisco Talos Uncovers Lotus Blossom’s Multi-Campaign Cyber Espionage Operations

Cisco Talos has uncovered a series of cyber espionage campaigns attributed to the advanced persistent threat (APT) group