One of the Security Researcher "Juan Sacco (runlvl)" - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine. BING.COM is prone to a XSS vulnerability because the application failsto properly perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in thevictim's browser.
Details :The reflected XSS vulnerability is a variant of a cross-site scriptingflaw: it occurs when the data provided by the attacker is exectued bythe browser, and then displayed on "normal" pages returned to otherusers in the course of regular browsing, without proper HTML escaping. Aclassic example of this is with online message boards where users areallowed to post HTML formatted messages for other users to read.
Vulnerable Link
Source--> THN
0 comments:
Post a Comment