U.S. Dept Of Defense: Stored XSS at https://█████

Description: In registeration page https://████ , first name and last name field are vulnerable to Stored Cross Site Scripting. Proof of concept For the fastly test, use this credentials to login my test account email: █████████ password: ██████ After login , alert document.cookie will triggered...

Aruba Mobility Controller 6.4.2.8 - Multiple Vulnerabilities

Title: Aruba Mobility Controller CSRF And XSS Vulnerabilities Date: 08/016/2015 Author: Itzik Chen Product web page: http://www.arubanetworks.com Affected Version: 6.4.2.8 Tested on: Aruba7240, Ver 6.2.4.8 Summary ================ Aruba Networks is an HP company, one of the leaders in enterprise...

XSS in HTDIG

Eg; http://www.anyhost.com/cgi-bin/htsearch.cgi?words=223E3Cscript3Ealert28document.cookie293B3C2Fscript3E all URLS must be on one line Apologies if this is a known issue. Apologies also for posting about XSS, too, but this is not an isolated website, but a commonly used service. ===== -----BEGIN...