XSS Vulnerability in White House Website |
The Hacker News: Alexander Fuchs, A German Security Researcher Discover Persistent XSS Vulnerability in Official website of White House.
"The petition system is vulnerable. Every Petition i start or join will execute my code. I could join all petitions and my code will be executed on all users who visit the petition system." He said.
Read full story in German: http://www.1337core.de/2011/die-whitehouse-gov-lol-petition/
The XSS Demo is here: https://wwws.whitehouse.gov/petitions/!/petition/security/WxgwM7DS
What is XSS? http://en.wikipedia.org/wiki/Cross-site_scripting
No comments:
Post a Comment