XSS(Cross Site Scripting) Vulnerability

October 17, 2011

0×1 Site :
0x3 Author : Sandeep Kamble
0×4 Reported : October 12, 2011
0×6 Public Release : October 17 2011
0x7 Status: Fixed

Description : is a service for avoiding spams .
This project to stop attacks and educate visitors with infected computers about how they can clean up their machines.

Affected Variable :

Exploit :
Executing Javascript using the vulnerable variable called as ?b_src= . This attack is commonly know as Cross Site Scripting (XSS) + affected script having stored Xss attack which can used for the grabbing the cookies .


Screen Shot :

Cloud XSS

Countermeasure :

1) Determine whether HTML output includes input parameters
2) In short perform input sensitization


I like to thank the cloudflare Security Team for their quick responses to my reports.

We Provide Penetration Testing
October 17, 2011 @ 7:38 am

nice work man !!!

February 18, 2013 @ 11:19 am

This is my first time go to see at here and i am really impressed to
read all at single place.


Leave a Reply

Your email address will not be published. Required fields are marked *


We Provide Penetration Testing