Cross Site scripting Vulnerability in Alexa Toolbar Search

A hacker named as kuksool from the hacker group "n0careteam" has discovered a Cross Site scripting vulnerability in the Alexa website -A California-based subsidiary company of that provides infromation about websites including Internet traffic stats, rank.

The vulnerability exists in the Alexa Toolbar search page( - A custom search provided by Google.

If you have installed the toolbar in your browser & inject this script in the search box, it successfully executes the given script:

"><script>alert(" E Hacking News")</script>

Xss in Alexa Toolbar Search

Recently the same hacker group discovered XSS vulnerability in high profile websites including Russian and Malaysia Government sites,, New York Magazine.
Category: / / / /

Share this with Your friends: