CNN Cross Site Scripting / Open Redirect

Credit: Wang Jing
Risk: Medium
Local: No
Remote: Yes

*CNN <> XSS and <> Open Redirect Security Vulnerability* *Domain:* "CNN is sometimes referred to as CNN/U.S. to distinguish the American channel from its international sister network, CNN International. As of August 2010, CNN is available in over 100 million U.S. households. Broadcast coverage of the U.S. channel extends to over 890,000 American hotel rooms, as well as carriage on cable and satellite providers throughout Canada. Globally, CNN programming airs through CNN International, which can be seen by viewers in over 212 countries and territories." (Wikipedia) "As of August 2013, CNN is available to approximately 98,496,000 cable, satellite and telco television households (86% of households with at least one television set) in the United States." (Wikipedia) *Vulnerability Description:* CNN has a security problem. It cab be exploited by XSS (Cross Site Scripting) and Open Redirect attacks. Based on news published, CNN users were hacked based on both Open Redirect and XSS vulnerabilities. According to E Hacker News on June 06, 2013, "(@BreakTheSec) came across a diet spam campaign that leverages the open redirect vulnerability in one of the top News organization CNN." After the attack, CNN takes measures to detect Open Redirect vulnerabilities. The measure is quite good. Almost no links are vulnerable to Open Redirect attack on CNN's website, now. It takes long time to find a new Open Redirect vulnerability that is un-patched on its website. was hacked by Open Redirect in 2013. While the XSS attacks happened in 2007. *<1>* "The tweet apparently shows cyber criminals managed to leverage the open redirect security flaw in the CNN to redirect twitter users to the Diet spam websites." (E Hacker News) At the same time, the cybercriminals have also leveraged a similar vulnerability in a Yahoo domain to trick users into thinking that the links point to a trusted website. Yahoo Open Redirect Vulnerabilities: *<2>* XSS hacked *(1) CNN ( <>) Travel-City Related Links XSS (cross site scripting) Security Vulnerabilities* *Domain:* *Vulnerability Description:* The vulnerabilities occur at "" pages. All links under this URL are vulnerable to XSS attacks, e.g The vulnerability can be exploited without user login. Tests were performed on Firefox (34.0) in Ubuntu (14.04) and IE (9.0.15) in Windows 7. *Poc Code:*' /"><img src=x onerror=prompt(/justqdjing/)>' /"><img src=x onerror=prompt(/justqdjing/)> *(1.1) Poc Video:* *Blog Details:* *(2) CNN <> ADS Open Redirect Security Vulnerability * *Domain:* *Vulnerability Description:* The vulnerability occurs at "" page with "&Redirect" parameter, i.e. The vulnerability can be attacked without user login. Tests were performed on Chrome 32 in Windows 8 and Safari 6.16 in Mac OS X v10.7. *(2.1)* Use the following tests to illustrate the scenario painted above. The redirected webpage address is "". Suppose that this webpage is malicious. *Vulnerable URL:* *Poc Code:* *(2.1) Poc Video:* *Blog Detail:* Those vulnerabilities were reported to CNN in early July by Contact information from Here. Reported by: Wang Jing, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore. *Blog Details:* -- Wang Jing School of Physical and Mathematical Sciences (SPMS) Nanyang Technological University (NTU), Singapore


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020,


Back to Top