Found XSS Vulnerability in Blogger
Thursday, June 14, 2012
0
comments
I am a blogger and use Google's Blogger platform to publish my posts. This blog is also hosted on Blogger. Few days back, i noticed something strange on blogger. Then i tried to do some research on that.
After few minutes of research, I found XSS on blogger.
If you are a regular user of Blogger, you notice an alert error box of blogger which generally prompts on the screen. This experiment deals with that. I am not revealing details as i have contacted with Google regarding the issue.
Here are few snapshots:
A prompt Box
After writing the post, when i saw the preview of the post, these boxes were also there.
I gave the preview link of post to other users logged in their blogger account, they were also able to see their cookies.
After few minutes of research, I found XSS on blogger.
If you are a regular user of Blogger, you notice an alert error box of blogger which generally prompts on the screen. This experiment deals with that. I am not revealing details as i have contacted with Google regarding the issue.
Here are few snapshots:
A prompt Box
Cookies On Alert Box
Custom Message on Alert box
I gave the preview link of post to other users logged in their blogger account, they were also able to see their cookies.
Categories:
Cyber News,
Deepanker,
XSS
0 comments:
Post a Comment