daviddengcn / gcse

Project for Go Search, a search engine for finding popular and relevant packages.
http://go-search.org/
BSD 2-Clause "Simplified" License
277 stars 45 forks

XSS issue on gosearchresults.com #39

Closed m-vinay closed 5 years ago

m-vinay commented 5 years ago

I found a reflected XSS issue on gosearchresults.com. Steps to reproduce: Call the following URL in Mozilla Firefox: https://lavasoft.gosearchresults.com/?sbtn=&q=ola%3Cscript%3Ealert%28%27I+can+send+any+message+here%21%27%29%3C%2Fscript%3E&tt=VM__GS__S4LAVA__vmn__webcompa__1_0__go__ch_WCYID10438__180722__yrff&pid=5ac784309091147a162b4431&sr=0

An alert box with "I can send any message here!" appears. This means that an attacker has full control of the scripts that are executed in the victim's browser. An attack vector would be sending an evil link via e-mail, messenger, etc. As the victim trusts the domain gosearchresults.com, they will click the link and could be redirected to a site hosting a browser exploit kit. This abuses the trust of gosearchresults.com. When I enter any script in the URL bar, then after pressing Enter it encrypts the URL in encoded form, but the script still gets executed. This is a big problem by which a hacker can steal the cookies of the victim's browser and also can redirect that user to any other site or search engine.
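An added example, not part of the original issue and not code from gosearchresults.com or gcse: a Go sketch of why the percent-encoded `q` value in the report still executes (the server decodes it before reflecting it) and how context-aware output escaping stops it. The handler names, the template and the CSP value are assumptions; the page does not show the site's server code.

```go
package main

import (
	"fmt"
	"html/template"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// vulnerableSearch (hypothetical) writes q into the page as raw HTML.
func vulnerableSearch(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query().Get("q") // percent-encoding is already decoded here
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	fmt.Fprintf(w, "<h1>Results for %s</h1>", q)
}

var resultsTmpl = template.Must(template.New("r").Parse("<h1>Results for {{.}}</h1>"))

// hardenedSearch (hypothetical) renders q through html/template, which
// escapes it for the HTML text context, and adds a CSP as a second layer.
func hardenedSearch(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Content-Type", "text/html; charset=utf-8")
	w.Header().Set("Content-Security-Policy", "default-src 'self'")
	if err := resultsTmpl.Execute(w, r.URL.Query().Get("q")); err != nil {
		http.Error(w, "render error", http.StatusInternalServerError)
	}
}

// render sends a GET with q percent-encoded, as a browser would, and
// returns the response body.
func render(h http.HandlerFunc, q string) string {
	req := httptest.NewRequest(http.MethodGet, "/?q="+url.QueryEscape(q), nil)
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Body.String()
}

// reflectsMarkup reports whether the query came back as live markup.
func reflectsMarkup(body string) bool {
	return strings.Contains(body, "<script>")
}

func main() {
	// The query value from the report, before URL encoding.
	probe := "ola<script>alert('I can send any message here!')</script>"
	fmt.Println("vulnerable reflects markup:", reflectsMarkup(render(vulnerableSearch, probe)))
	fmt.Println("hardened reflects markup:  ", reflectsMarkup(render(hardenedSearch, probe)))
	fmt.Println(render(hardenedSearch, probe))
}
```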

daviddengcn commented 5 years ago

gosearchresults.com has nothing to do with go-search.org.