Showing posts from May, 2012 Vulnerable to XSS - Cross Site Scripting

Title: Vulnerable to XSS - Cross Site Scripting Script Link: &>">/* Script Here */=1 &SZ=0&symbol=Asp& Author: Yogesh Jaygadkar  Reported: Tuesday, May 01, 2012  Vulnerability Fix date : 22 May 2012  Public Release: 22 May 2012  Browser : FireFox , IE OS : Win7 , Ubuntu Description:  XSS - Cross Site Scripting Vulnerability found in .Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere. An attacker can use XSS to send a malicious script to an u