Sunday, 23 October 2011

XSS in Youtube


XSS Vulnerability in Interactive YouTube API Demo Beta
http://pics9.com/images/67262148846124264830.png
There is a Critical Cross site XSS Vulnerability in Interactive YouTube API Demo Beta, Discovered by various sources. One of the White Hat Hacker "Vansh Sharma" Inform us about this XSS Vulnerability with proof of concept.
Proof Of Concept :
  • Open http://gdata.youtube.com/
  • Enter script <img src="<img src=search"/onerror=alert("xss")//"> in the keyword area.
  • Press ADD
Labels: , Posted by Unknown at 22:12

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)