XSS Vulnerability

Luis Santana of the HackTalk Security Team has discovered a Reflective XSS Vulnerability in the website.

The search function of the website is vulnerable to Reflective XSS, which allows an attacker to inject arbitrary HTML or JavaScript into the website. The following PoC URL illustrates successful exploitation of the vulnerability.


We recommend sanitizing the 'q' GET variable in the search function with the PHP htmlspecialchars() function to prevent attacks like this from occurring.
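The recommended fix, shown as an added example that is not the affected site's code: a search page that echoes 'q' unencoded next to the same page with htmlspecialchars() applied at output. The function names, the page markup and the sample input are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added example with hypothetical function names; not the affected site's code.

/** Vulnerable pattern: the raw 'q' value is concatenated into the response. */
function render_results_unsafe(array $get): string
{
    $q = $get['q'] ?? '';
    return '<p>Results for: ' . $q . '</p>'
         . '<input type="text" name="q" value="' . $q . '">';
}

/** HTML-encode a value for element content or a quoted attribute value. */
function h(string $value): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close a quoted attribute.
    // ENT_SUBSTITUTE replaces invalid byte sequences instead of returning ''.
    // The charset must match the one the page is served with (UTF-8 assumed here).
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Hardened pattern: 'q' is encoded at every point where it is written out. */
function render_results_safe(array $get): string
{
    $q = $get['q'] ?? '';
    if (!is_string($q)) {
        // A request such as ?q[]=x makes PHP deliver an array; treat it as empty.
        $q = '';
    }
    return '<p>Results for: ' . h($q) . '</p>'
         . '<input type="text" name="q" value="' . h($q) . '">';
}

// Constructed sample input: harmless markup that closes the attribute
// and opens a new element when it is reflected unencoded.
$sample = ['q' => '"><b>injected markup</b>'];

echo "Unencoded: ", render_results_unsafe($sample), "\n";
echo "Encoded:   ", render_results_safe($sample), "\n";
```

htmlspecialchars() is the correct encoding for HTML element content and quoted attribute values only. If 'q' is also written into a script block, an unquoted attribute or a URL, that context needs its own encoding.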

