Google Code Playground XSS vulnerability

Dec 8 2011 in News by IDTP |

Two security researchers have identified an XSS in Google Code. Proof Of Concept: Just go to http://code.google.com/apis/ajax/playground/ and then click on edit HTML after that remove all the codes and type this script : “<img src=”<img src=search”/onerror=alert(“XSS”)//”>” and click on DEBUG CODE, and then first it will show you “Sample must have <head> element” click OK and wait for the window to load if nothing happen then try the same thing again or simply you can click on RUN CODE, and you will get a popup which is XSS. Thanks to our friends @THN.

 

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks
  • PDF

Tags: , , ,
No Comments »

Leave a Reply

You must be logged in to post a comment.

«
»
EN
  • IT security audits, services, penetration testing - PenTest Magazine
  • Hacking, hackers, security zone, security, cyber attacks
  • Software Developer's Journal for developers by developers
  • Web application design - Flesh & Flex developer's magazine
  • BSD, open source, magazine, tutorials bsd - BSD Magazine
  • Best solutions for e-Commerce marketing: PHP Solutions
PL
  • Software Developer's Journal for developers by developers
  • Łamanie zabezpieczeń, skuteczna ochrona komputera - magazyn o bezpieczeństwie w IT - Securitymag.pl
FR
  • Creation site e-commerce : PHP Solutions
  • psd photoshop magazine - photoshop, illustrator, indesign
  • Hacking, hackers, security zone, security, cyber attacks
DE
  • Hacking, hackers, security zone, security, cyber attacks


Software Press Sp. z o.o. Sp. Komandytowa 02-682 Warszawa, ul. Bokserska 1, NIP 9512279582, REGON 141804060, KRS: 0000327578

Advertisement