XSS (Cross Site Scripting) Vulnerability

October 17, 2011

0x1 Site :
0x3 Author : Sandeep Kamble
0x4 Reported : October 12, 2011
0x6 Public Release : October 17, 2011
0x7 Status: Fixed

Description : is a service for avoiding spam.
This project aims to stop attacks and educate visitors with infected computers about how they can clean up their machines.

Affected Variable :

Exploit :
JavaScript can be executed through the vulnerable variable ?b_src= . This attack is commonly known as Cross Site Scripting (XSS). The affected script also has a stored XSS issue, which can be used to grab cookies.


Screen Shot :

Cloud XSS

Countermeasure :

1) Determine whether HTML output includes input parameters
2) In short, perform input sanitization
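
The two countermeasures above, as an added example that is not part of the original advisory or the affected site's code: a regression check that reports whether a page echoes b_src unencoded, run against an unencoded render and an output-encoded one. Only the parameter name b_src comes from the advisory; the page template, function names and marker string are assumptions.

```javascript
// Added example. renderUnsafe, renderSafe, reflectsRawInput and the
// "<p>Source: ...</p>" template are hypothetical; only b_src is from the page.

// Encode the five characters that can change parsing context in HTML
// element content or a quoted attribute value. Single pass, so "&" in the
// replacement entities is never encoded twice.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read b_src from a query string the way a request handler would.
function getBSrc(queryString) {
  return new URLSearchParams(queryString).get('b_src') ?? '';
}

// "Before": the parameter is concatenated into markup with no encoding.
function renderUnsafe(queryString) {
  return `<p>Source: ${getBSrc(queryString)}</p>`;
}

// "After": the same template, with the value encoded at output time.
// Encoding on output also covers values that were stored and shown later.
function renderSafe(queryString) {
  return `<p>Source: ${escapeHtml(getBSrc(queryString))}</p>`;
}

// Countermeasure 1 as a test: pass a harmless marker made of HTML
// metacharacters and report whether it comes back byte-for-byte.
function reflectsRawInput(render) {
  const marker = `zq<"'>7`; // constructed marker, carries no script
  const html = render('b_src=' + encodeURIComponent(marker));
  return html.includes(marker);
}

console.log('unsafe reflects raw input:', reflectsRawInput(renderUnsafe));
console.log('safe reflects raw input:  ', reflectsRawInput(renderSafe));
```

A check like reflectsRawInput belongs in the test suite for every template that prints a request parameter, so a regression fails the build.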


I would like to thank the Cloudflare Security Team for their quick responses to my reports.

