Latest News

StumbleUpon Fixes The XSS Vulnerability


                                               
About a week before i reported an XSS vulnerability inside stumbleupon, I promised to disclose the vulnerability details once it gets fixed, Recently i received an email from stumbleUpon. They told that they have fixed the XSS vulnerability and they would like me to test it again if it's still vulnerable to the Cross site Scritping (XSS) attack. I tested the parameter and did not find any potential XSS inside it. Here is the email i received from stumbleUpon:





Vulnerability parameter:

http://stumbleupon.com/hostedbadge.php?s=1&r=XSS

The above parameter was vulnerable to a reflected cross site scripting attack, however now it's fixed and i don't see the issue any more. 

No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code