search

soaivu / clipbucket

Automatically exported from code.google.com/p/clipbucket
0 stars 0 forks source link

XSS Found In Clipbucket V3 #436

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Hello,

I'm Salman Khan And I'm A Computer Expert, Web Developer, Graphics Designer & 
Web Security Researcher.

I Found Vulnerability In Clip Bucket V3 . Please Check 
http://v3.clipbucket.net/videos.php?cat=1&sort=most_recent&time=all_time&seo_cat
_name=%22%3E%3Cimg%20src=x%20onerror=prompt%283%29;%3E . XSS Error Is In Videos 
Categories.

Bug Type : Cross Site Scripting
Checked in : Firefox
OS : Windows

Impact : Cross-site scripting (XSS) is a type of computer security 
vulnerability typically found in Web applications. XSS enables attackers to 
inject client-side script into Web pages viewed by other users. A cross-site 
scripting vulnerability may be used by attackers to bypass access controls such 
as the same origin policy.

Proof Of Concept : See The Attachment.

Kindly fix this bug as soon as possible .

Thanks !

Regards ,
Salman Khan
Creatix™

Original issue reported on code.google.com by salmankh...@gmail.com on 14 Oct 2013 at 12:38

Attachments:

GoogleCodeExporter commented 8 years ago 
v3 is closed

Original comment by arslan...@gmail.com on 24 Feb 2015 at 10:09