A hacker call himself as "5p1K3 BO7" found Cross site scripting vulnerability in some high profile sites. The list of vulnerable sites includes Airtel, Ebay, Jusdial ,rediff and NavBharatTimes .

Also he found xss vulnerability in the following sites: rovio.com ,moneycontrol.com,In.Com,Reliance site,m.mytatasky.com ,dinaralert.webs.com and domestichotels.yatra.com.

Akshay AKA 0z0n3 have discovered Cross-site-scripting vulnerability in around 60 high profile websites.

The list of vulnerable sites with screenshot:
http://www.ipchecking.com - snap - http://4.bp.blogspot.com/-sXxLSZjS-YA/T3r6jzFEJxI/AAAAAAAAAQU/9KO2PSZjVNA/s640/ipchecking.PNG

2.http://www.hostip.info/ - snap - http://2.bp.blogspot.com/-1frOtWxbyWQ/T3rm4InsqxI/AAAAAAAAAQM/CC2oPWpAwUA/s640/host.PNG

3.http://buzzr.in/ - snap - http://4.bp.blogspot.com/-RrW1-tkGoYI/T3me0_BFAuI/AAAAAAAAAP0/-BPrIYpJNd0/s640/buzzer.in.PNG

4.http://www.jabong.com/ - snap - http://2.bp.blogspot.com/-h-NRz0x9r8U/T3meRO0ttjI/AAAAAAAAAPs/lsfHV7E6hFQ/s640/jabong.PNG

5.http://www.infibeam.com/ - snap - http://1.bp.blogspot.com/-XzpThsTvM1o/T3mc184ZwBI/AAAAAAAAAPc/lDcc4ICW8Z0/s640/infi.PNG

6.http://govasool.com/ - snap - http://4.bp.blogspot.com/-IhPt_piUZNE/T3mcGznGWFI/AAAAAAAAAPU/_cUNqu51qJI/s640/govasool.PNG

7.http://www.bestpricebid.com/ - snap - http://4.bp.blogspot.com/-sRLF50gx5qo/T3mbjos3_WI/AAAAAAAAAPM/eRCuvlO_hSc/s640/bestpricebid.PNG

8.discovery.com by - snap - http://3.bp.blogspot.com/-LuPNagueW-4/T3hUApqubkI/AAAAAAAAAOs/B13FADXhFv8/s640/Capture.PNG

9.pocketgamer.co.uk - snap - http://4.bp.blogspot.com/--7LLdA1-QeU/T3hNmJ4sPFI/AAAAAAAAAOg/NRqr8fgUwsE/s640/povket+gamer.PNG

10.zdnet.com - snap -http://4.bp.blogspot.com/-L2EztX0qh7w/T3g3DlxXMtI/AAAAAAAAAOM/qMaWRUmF0zY/s640/zdnet.PNG
patched

11.1up.com - snap - http://imgur.com/uc5y3

12.astrologer.rediff.com - snap - http://i49.tinypic.com/2q8pzqa.png

13.LIC - http://i45.tinypic.com/hx3ek3.png

14.http://warebuzz.com - http://1.bp.blogspot.com/-0rrctaNpS1g/T3gKU52H9sI/AAAAAAAAAN0/NgEEHOy1JJo/s640/ware+buzz.PNG

15.http://www.thedownloadplanet.com - http://2.bp.blogspot.com/-A90-Cs4O2Ow/T3gJY0PwYTI/AAAAAAAAANs/X3YRb8l_-8E/s640/download+planet.PNG

16.http://md5-decrypter.com - http://1.bp.blogspot.com/-wYTXo9rjxdI/T3brfaNUrdI/AAAAAAAAANc/aHu9oAVN4uo/s640/md5-decrypter.PNG

17.http://www.shiksha.com - http://3.bp.blogspot.com/-DE8esm6LDi0/T3bhpjsEExI/AAAAAAAAANU/ooJCO2CIur8/s640/shiksha.PNG

18.http://www.scholastic.com - http://1.bp.blogspot.com/-sFeKT9dyi5A/T3W-JAsfTII/AAAAAAAAANM/zLYTpg_zAZ4/s640/scholastic.PNG

19.http://www.indiatrace.com - http://4.bp.blogspot.com/-Pdkg39UIVLQ/T3W1bF-LK7I/AAAAAAAAANE/O1Lp-3oEndA/s640/Capture.PNG

20.http://www.americanregistry.com - http://1.bp.blogspot.com/-hs2fIRZsgAI/T3VpB4S9wnI/AAAAAAAAAMs/E0lBuFawamc/s640/american.PNG

21.http://www.stockpricetoday.com - http://4.bp.blogspot.com/-drwR5vn2yuY/T3VoHExfzEI/AAAAAAAAAMk/6NRzeUEHMGY/s640/stock+price.PNG

22.http://www.trdefence.com - http://4.bp.blogspot.com/-DDNU3wRnS-k/T3VmNQAmvwI/AAAAAAAAAMc/Pa1-0gAKWa4/s640/turkey+defense.PNG

23.http://industry.net/ - http://1.bp.blogspot.com/-jz5Qprco2l8/T3ViZ8auwDI/AAAAAAAAAMM/fbSHyu34DyM/s640/industry.net.PNG

24.http://www.bdtradeinfo.com - http://4.bp.blogspot.com/-ssrm58lR7Y0/T3SGg5pyVxI/AAAAAAAAALk/PSQdV4_9YQE/s640/bdtradeinfo.PNG

25.dealsandyou.com - http://1.bp.blogspot.com/-PmgIo4Inb8g/T3MTmGEheBI/AAAAAAAAALM/HwKAWSXRMAg/s640/deals+and+you.PNG

26.100bestbuy.com - http://2.bp.blogspot.com/-VpZiQkWQH2Y/T3MSwjfKElI/AAAAAAAAALE/y30pSYfrwrQ/s640/100+best+buy.PNG

27.chennai.burrp.com - http://4.bp.blogspot.com/-YRKuTsUhN6U/T3LrzpQZ2jI/AAAAAAAAAKg/5Gi2Ww225J4/s640/burrp+2.PNG

28.bangalore.burrp.com - http://2.bp.blogspot.com/-Wo3a1kI29ZI/T3LqgRre7jI/AAAAAAAAAKY/V0QsT2s60I4/s640/burp+banglore.PNG

29.http://www.proxysites.com - http://3.bp.blogspot.com/-yiJQdIQI8nw/T3Lp-Drl-KI/AAAAAAAAAKQ/-QzKBTpXAp4/s640/proxy+site.PNG

30.http://vertor.com - http://3.bp.blogspot.com/-AGl5bbo-d3M/T3HhwS0GX2I/AAAAAAAAAKI/OvrpwMYYlMQ/s640/vertor.PNG

31.https://torrentprivacy.com - http://2.bp.blogspot.com/-Ksa-FQtAiXg/T3HgB10v5_I/AAAAAAAAAKA/4RBWC1tYO-k/s640/privacy.PNG

32.www.yifytorrents.com - http://2.bp.blogspot.com/-KPCn5bldif8/T3HWLfWyUPI/AAAAAAAAAJw/2zDLbbttZAY/s640/yify.PNG

33.saavn.com - http://4.bp.blogspot.com/-N1Yvg1yR4BU/T3HI_zKr9zI/AAAAAAAAAJg/IJgRFT2wMHw/s640/saa.PNG

34.www.arabianbusiness.com - http://2.bp.blogspot.com/-ngUEyIWkd7Q/T3GvlQ0sjmI/AAAAAAAAAJY/ZrLBull5om8/s640/arabian.PNG

35.velocity.discovery.com - http://4.bp.blogspot.com/-3vFAtzIfnoA/T3GqX6mj0II/AAAAAAAAAJQ/AXLIAQ6ss_c/s640/velocity.PNG

36.science.discovery.com - http://1.bp.blogspot.com/-ygi6RWwm4r8/T3GqI1LSJyI/AAAAAAAAAJI/A_NvDMps6nw/s640/science.+disco.PNG

37.planetgreen.discovery.com - http://1.bp.blogspot.com/-CuI8fyW1JGQ/T3Gp335-xtI/AAAAAAAAAJA/rKMVzco1IBM/s640/planet+green.PNG

38.investigation.discovery.com - http://4.bp.blogspot.com/-qnWsvSYY8YQ/T3GpdqVeU-I/AAAAAAAAAI4/_9QxkpUTLho/s640/investigation+disco.PNG

39.health.discovery.com - http://4.bp.blogspot.com/-p0wnXa1elEA/T3GpB0aBk7I/AAAAAAAAAIw/a9ZhyEQu4Yc/s640/health+disco.PNG

40.animal.discovery.com - http://4.bp.blogspot.com/-1Hzcu--hP_s/T3GosmdYnvI/AAAAAAAAAIo/Z3KmcFmyw4Y/s640/animal+planet.PNG

41.brothersoft.com - http://4.bp.blogspot.com/-M9esX8gICt0/T3GbKJ-z5kI/AAAAAAAAAIY/DMm0KQEVJwI/s640/brother+soft.PNG

42.http://www.emp3world.com - http://1.bp.blogspot.com/-V8S_UBtNMbw/T3GO2V0qTHI/AAAAAAAAAIM/k-1CIzVcOps/s640/emp3.PNG

43.www.malabargold.com - http://1.bp.blogspot.com/-dMap3sAvV5o/T3B8aHgBKdI/AAAAAAAAAHw/7IzjV4PL144/s640/malabar.PNG

44.www.tanishq.com - http://3.bp.blogspot.com/-EDfBzzJz8iQ/T3B7_16FClI/AAAAAAAAAHo/7W3OBxylZd4/s640/tanishq.PNG

45.http://www.ecb.co.uk - http://3.bp.blogspot.com/-ouWqcIl-6as/T3BwabPqpjI/AAAAAAAAAHg/GDSXL9brJ4c/s640/british.PNG

46.http://www.premierleague.com - http://4.bp.blogspot.com/-7bPcLU0GHw4/T3BrJKI_FLI/AAAAAAAAAHQ/VWVYLw0Nmj0/s640/premier.PNG

47.http://www.cricket.com.au - http://1.bp.blogspot.com/-YmGHDgXCq3M/T3BuAVdhJ5I/AAAAAAAAAHY/kX1_YFZ4VCU/s640/kabarroo.PNG

48.http://www.rapidsharedata.com - http://2.bp.blogspot.com/-mJPoTJVcMic/T3Boa6CFxKI/AAAAAAAAAHI/uPfCqNLo8Qk/s640/rapidshare.PNG

49.www.whatsmyip.com - http://2.bp.blogspot.com/-GzjF_oq33w4/T3A1jMzlRVI/AAAAAAAAAGY/50ntkVG3xos/s640/whatsmy+ip.PNG

50.http://eztv.it - http://4.bp.blogspot.com/-JgMf3qZ9kRo/T27Gi34a61I/AAAAAAAAAFo/9JyXqalNmEM/s640/eztv.PNG

51.http://www.indiaplaza.com - http://2.bp.blogspot.com/-K6izMAgd_ik/T3AcfP2oDpI/AAAAAAAAAGA/yDY-RE8kGW8/s640/india+plaza.PNG

52.asiagamespot.com - http://1.bp.blogspot.com/-cToR0vSQ09Q/T29DkeFu6_I/AAAAAAAAAF4/OLUP0y-jUms/s640/gamespot.PNG

53.http://dunyanews.tv - http://1.bp.blogspot.com/-OouHLv17uwU/T262ogNVDZI/AAAAAAAAAFg/FkVc83KjMp0/s640/pk+news.PNG

54.http://thetwilightsaga.com - http://1.bp.blogspot.com/-5xQCtPSXvQs/T230n1BvqPI/AAAAAAAAAFY/DykhfJN-03I/s640/twilight.PNG

55.https://secure.wsj-asia.com - http://1.bp.blogspot.com/-YfbSmQUp4VQ/T23gKloKEKI/AAAAAAAAAFQ/K-hecZghSEU/s640/wallstreet.PNG

56.expedia.co.in - http://1.bp.blogspot.com/-FIyU9Zz7ik4/T23TB3x7NzI/AAAAAAAAAE8/1l5awVK2HjQ/s640/expedia.PNG

57.http://www.indiainfoline.com - http://2.bp.blogspot.com/-dnZtvmIk44M/T23Qykr8zVI/AAAAAAAAAE0/HuQM6Q1ULfY/s640/iifl.PNG

58.http://www.palestinechronicle.com - http://3.bp.blogspot.com/-iJjcuBwsbqs/T22dno4ma7I/AAAAAAAAAEM/zKOReV8JlQY/s640/Caapture.PNG

59.http://thesims2.ea.com - http://4.bp.blogspot.com/-qPQRpgXJLsI/T2yoEKsYiGI/AAAAAAAAAD4/QQRoOHrs8Ek/s640/C+apture.PNG

60.olx.in - http://3.bp.blogspot.com/-fpt0DzwwZKA/T22-M-6T2nI/AAAAAAAAAEk/PQkFW91TsO4/s640/olx.PNG

Akshay AKA 0z0n3 claimed that he have discovered a Persistent XSS vulnerability in blogspot.com.  He managed to inject the xss vector in his own blogger dashboard. He is sure it is not template page(usually templates allow bloggers to inject scripts ). 

He used one of the following xss vector:
';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">

After injecting, he didn't get a pop-up but after some minutes he started getting pop-ups. He reported about the vulnerability to Google Security team. The vulnerability is not rewarded by Google.


"Thank you for your note. We took a look at the XSS issue you reported. Unfortunatley, the XSS issues is executing on the blogspot domain and not blogger.com. We come some of these scenarios here.

http://www.google.com/about/company/rewardprogram.html#javascript-blogger

Unfortunately, XSS issues on blogspot(as opposed to blogger.com) do not quailfy for the VRP.  If you manage to execute this javascript on someone else's blog or on the blogger.com domain, that would qualify for a reward." Google response mail.

GreyHat Hackers Sony and Flexxpoint come with interesting xss found, discovered cross site scripting vulnerability in Odnoklassniki.  Odnoklassniki (Одноклассники in Russian, Classmates) is a social network service for classmates and old friends reunion popular in Russia and other former Soviet Republics. It was created by Albert Popkov on March 4, 2006.

He provided the vulnerable link and video to demonstrate the vulnerability:

http://www.odnoklassniki.ru/dk?st.cmd=appSearchResultList&st.isEmpty=off&st.query=%22%22%3E%3Cscript%3Ealert%28%22Odnoklassniki.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E%3Ciframe%20src=%22http://xssed.com%22%3E

Screenshot

In order to verify the vulnerability, we have to login because the page is available only for logged in users.

POC video:

Grey Hat hacker "Sony" has discovered Cross site scripting(XSS) vulnerability in Radikal.ru.  Radikal.ru is one of Russia's largest image hosting service that allows you to quickly publish photos on the various chat rooms, message boards, blogs and online forums.

He found XSS vulnerability in multiple pages.

Here is one of the vulnerable link:

http://www.radikal.ru/GALLERY/PageGallery.aspx?pg=258&period=022008%22%22%3E%3Cscript%3Ealert%28%22Radikal.ru%20Cross%20Site%20Scripting%22%29%3C/script%3E&id_gallery=-1

Screenshot

In order to see other vulnerability, you have to login into the website. The vulnerability resides in Edit pics,etc.

Screenshot of the vulnerability

A Hacker group TeamHav0k reformed and made a new group called "TeamDigi7al".  The Hacker group become active now and exposed vulnerabilities in some high profile sites.

Hackers exposed the XSS vulnerabilities in NASA(careerlaunch.jpl.nasa.gov) , Vatican.va and weather.com. Hackers found SQL injection vulnerability in LoC(webarchive.loc.gov) and LFI vulnerability in Humboldt State University (humboldt.edu).

Hackers also hacked and dumped the Bolivian Ambassadors inbox. They upload a 62MB sized RAR file(Emails.rar) in uppit.com.

A Hacker calling himself "Silent Hacker" discovered XSS vulnerability in Disney websites.  The Disney.in website is found to be vulnerable to Cross site scripting.

POC:


http://www.disney.in/DisneyOnline/j/redirect.jsp?redirectURL=%22%3E%3Cscript%3Ealert%28%22XssEd%20By%20SilenT%20HaXoR%22%29%3C/script%3E

Grey Hat hacker "Sony" has discovered Cross Site Scripting vulnerability in Nimbuzz Messenger.&nbsp; According to his report, the Nimbuzz version 2.2.0 is vulnerable to XSS.

Hacker found vulnerability in the Chat Window--&gt;View in Browser. (persistent code). The 'forget password' page is found to be vulnerable to XSS.

Vulnerable Link:
http://www.nimbuzz.com/webchat_login?lang=en&step=2&login=error

Poc:
http://www.nimbuzz.com/webchat_login?lang=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E

Screenshot:

 An anonymous hacker called AnonymouSpoon has discovered Cross site scripting vulnerability in ITWorld, one of the leading IT security news provider.

"ITWorlds, how does it feel to give advice in staying Secure from hackers but you're not secure yourself" Hackers said in Twitter.

The GreyHat hacker 'Zer0Pwn ‏' has discovered Cross site scripting as well as Sql injection vulnerability in the Yale University website.  We are not providing the SQL injection vulnerable link for security issue. 

The POC for xss vulnerability:
http://bioinfo.mbb.yale.edu/genome/worm/search.cgi?orf=B0244.9%3Cscript%3Ealert%28%22Zer0Pwn%22%29%3C/script%3E

POC:

http://www.kitkat.com/country.html?region="><script>alert("Hacked+by+Silent+Hacker+from+ICL")</script>

Security Researcher's "Matías Lonigro & Fabián Cuchietti" has discovered Self-XSS vulnerability Google Translator page. The vulnerability has been found in the 'translating a Document' option.

Google Translate provides an easy way to translate whole documents, without the need for copying and pasting large blocks of text. Simply click the translate a document link and submit your file as a PDF, TXT, DOC, PPT, XLS or RTF. 

The uploader allows HTML files also. Unfortunately, it does not filter the HTML tags.  It results in executing the HTML code as well as javascript code.  Uploading HTML file embedded with javascript executes the script.

Researcher also provide a POC video:


Even Though this is self-XSS vulnerability, we can not simply ignore it.  Hope , google will fix this issue as soon as possible.

GreyHat hackers Sony and Flexxpoint has discovered Reflected and Persistent XSS Vulnerability found in Vbulletin forum software, one of the famous and most powerful forum software. Hacker claimed that he found xss vulnerability in VBulletin 3.8.x - 4.1.11 .

Hacker have discovered XSS vulnerability in lot of places including '/forum/blog.php' ,'forum/group.php' pages in Vbulletin official websites.


Also hackers found persistent XSS vulnerability in chinclub.ru. They tested this vulnerability in other forums also.They tested this vulnerability in Demo vBulletin Forum. Version 4.1.10.(https://www.vbulletin.com/admindemo.php). Hacker said It's Work in other version too.


Hacker also provide us a simple POC video:


Also Another Hacker ".eof" discovered and published a POC for the xss vulnerability in vbulletin board lastmonth.

GreyHat hackers Sony and Flexxpoint , come with an interesting XSS finding in Invision Power Board. He is not sure which version of the IP Board is vulnerable but he sure it is between 3.1.x to 3.2.x.

Lot of websites are usings IP Board for their support forum.  The forum for PCWorld, GovernmentSecurity.org, Webmoney.ru, Dr.web affected by this vulnerability.
The New-other Recipients fields in compose form of the Personal Messenger page  is found to be vulnerable to XSS attack. Inserting xss code in New-other Recipients and pressing send/preview button, executes the script.

The XSS Vulnerability in IP Board version 3.2.3 used in Dr.Web was fixed before itslef but still exist in dr.Web's forum because they just used a un-patched software at the moment of writing on this post.

GreyHat hackers known as "Sony" and Flexxpoint , have discovered Cross site scripting vulnerability in various Bank websites.

"We staged an experiment out of interest. We looked through several randomly selected websites of Worlds banks to check them for vulnerabilities. This was done rather quick even without any specialized software. The results were not surprising. We will demonstrate different bugs of the same type." Hacker said in his blog post.

Sberbank of Russia(http://www.sbrf.ru), is the largest bank in Russia and Eastern Europe. Sbrf is found to be vulnerable to Cross site scripting vulnerability.

Banki.ru, according to all rating systems in Russia, is the number one bank information website which is profitable and growing. The Banki.ru is found to be vulnerable to redirection vulnerability.
Citizens Bank,Wells Fargo,eximb,procreditbank,Banco Central De Bolivia,vtb24.ru ,homecredit.ru are vulnerable to Cross site scripting. Hacker found XSS in chat application of migbank.com, msufcu.org,bcb.gob.bo.

"We would like to add a few words about security. There's no need to panic, perfect security just isn't possible, though we should try to come as close as possible. We would like to give a couple of advices for these banks. "Hacker wrote in his blog." They should certainly pay more attention to their IT personnel's competence and discipline, spend their money not only on market research, but also on penetration testing, organize penetration testers' contests like Google and Facebook do or possible have their own staff of penetration testers. The bank personnel should be tested for their vulnerability to social engineering. These are just the basics."

 

Earlier this month, Security Researcher @flexxpoint discovered Cross site scripting vulnerability in the official website of Microsoft(microsoft.com). Now, one more XSS vulnerability has been found by GreyHat hacker "Sony" and Flexxpoint.

The "devices" field in the 'Compare Windows Phones' page of Microsoft.com is found to be vulnerable to this attack.

POC:
http://www.microsoft.com/windowsphone/en-us/buy/7/compare.aspx?devices=""><script>alert("XSS by Sony and Flexxpoint")</script><script>alert("Oh..")</script><script>alert("Uh..")</script><script>alert("wow..")</script><script>alert("Microsoft.com Cross Site Scripting")</script><script>alert("meow!")</script><iframe width="420" height="315" src="http://www.youtube.com/embed/SLcBI3JUKZ4" frameborder="0" allowfullscreen></iframe>

Yet,They haven't fix the previous XSS find. It seems that Microsoft don't care about the vulnerability in their website. 

GreyHat Hacker "Sony" , from insecurity.ro ,come with some interesting vulnerability. He has discovered XSS vulnerability in a famous Help desk and customer support software Kayako.

In fact, the vulnerability in kayako has been discovered already by other security researcher .  But sony found that the vulnerability in Kayako Fusion left some high profile sites including AVG Singapore, Comodo websites vulnerable .

He found XSS in Ticket submission.Unfortunately, the XSS is persistent one. When he put his xss code in the all fields and submitted the ticket, the injected xss code is successfully injected in database. Opening the submitted tickets will execute the injected javascript code.

The comodo website uses SupportSuite v3.70.02 and AVG singapore uses fusion app. Both application are found to be vulnerable to this attack.

GreyHat hacker called "Sony", from insecurity.ro, discovered cross site scripting vulnerability in LivePerson and ProvideChat applications.


Live Chat Software Provide Chat is the smarter, easier, more affordable way to chat live and help your online visitors.Hacker found the XSS vulnerability in orgId field of Unavailable.php file.

POC:
http://providechat.com/_chat/unavailable.php?orgId=[our xss is here]

LivePerson creates meaningful, real time customer connections that help businesses increase conversions and improve consumer experience.

Hacker spoke with Tech support and asked who uses the LivePerson. They replied that they have currently
over 8,500 clients, including many Fortune 500 companies such as Verizon, Adobe, Cisco, Estee Lauder, Home Depot, Neiman Marcus, Panasonic, Bank of America, Chase, HSBC, Microsoft, HP, IBM, Hoovers and Citibank.


Hacker provided as demo for the Safe Credit Union and American Airlines Federal Credit Union websites. Also some other high profile and online bank sites including Busey Bank,Del Norte Credit Union, San Diego Metrpolitan Credit Union, Bank Financial,Baton Rouge Telco Federal Credit Union are vulnerable to this XSS attack.

POC:
http://server.iad.liveperson.net/visitor/68511475/window/window_main.asp?site=68511475[our xss is here]&page=&loginsso=

https://server.iad.liveperson.net/visitor/LPaaefcu_mbrsrvs/window/main.asp?site=LPaaefcu_mbrsrvs%22%22%3E%3Cscript%3Ealert%28%221%22%29%3C/script%3E&page=&loginsso=

Hacker known as Zer0Pwn, from Zer0Lulz , come with more vulnerability in CNN website.  Today, he found Cross Site Scripting vulnerability in weather.cnn.com website.

The map.jsp page in the weather.cnn.com allows an attacker to run his own javascript code.  An attacker can use this vulnerability for hijacking cookies, phishing attack.    

Poc:

weather.cnn.com/weather/maps.jsp?region=na&mapview=sat%22%3E%3C/Zer0Lulz%3E%27-/%22/-%3Cimg%20src=%22LULZ%22%20%22%3E%3Cbody%20onmouseover=alert(%22XSS%22);%3E

Yesterday, Hacker found Remote File Inclusion(RFI) vulnerability in CNN website.