IT 技术

文豆 & 文库:


About Group Main Page’s Search Field XSS (Cross-Site Scripting) Security Vulnerabilities

(1) Domain Description:

"For March 2014, 61,428,000 unique visitors were registered by comScore for, making it the 16th-most-visited online property for that month." (The New York Times)

", also known as The About Group (formerly About Inc.), is an Internet-based network of content that publishes articles and videos about various subjects on its "topic sites," of which there are nearly 1,000. The website competes with other online resource sites and encyclopedias, including those of the Wikimedia Foundation" (Wikipedia)

(2) Result of Exploiting XSS Attacks
"Exploited XSS is commonly used to achieve the following malicious results
    Identity theft
    Accessing sensitive or restricted information
    Gaining free access to otherwise paid for content
    Spying on user’s web browsing habits
    Altering browser functionality
    Public defamation of an individual or corporation
    Web application defacement
    Denial of Service attacks (DOS)
" (Acunetix)

Vulnerability Discover:
Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore.

Blog Details:

热度 ( 19 )
  1. 白帽子安全琐事,日常之事 转载了此视频  到 测试想法
  2. 计算机网络技术文豆 & 文库 转载了此视频  到 行者路上有風有雨有彩虹
  3. 计算机网络技术文豆 & 文库 转载了此视频  到 绿意蛙鸣
  4. 计算机网络技术文豆 & 文库 转载了此视频  到 IT 计算机&信息网络 技术
  5. 计算机网络技术文豆 & 文库 转载了此视频
  6. 白帽子安全数学日记 转载了此视频  到 竹意
  7. 白帽子安全数学日记 转载了此视频  到 湛天雲海碧波影
  8. 白帽子安全数学日记 转载了此视频  到 文豆 & 文库
  9. 白帽子安全数学日记 转载了此视频

© IT 计算机&信息网络 技术 | Powered by LOFTER