Quantcast
Channel: E Hacking News - Latest Hacker News and IT Security News
Viewing all articles
Browse latest Browse all 6409

Reflected-XSS Vulnerability in Change.org

$
0
0
A Security Researcher Adwiteeya Agrawal has discovered Non-persistent Cross site scripting(XSS) Security flaw in the Change.org.

Change.org is the web's leading platform for social change, empowering anyone, anywhere to start petitions that make a difference.


The vulnerability has been discovered in the Simple Search Form used in the website. The developer fails to validate the search keyword given by the user.

POC:
 https://www.change.org/search?utf8=✓&q=<script>alert("XSS By Adwiteeya Agrawal")</script>


Viewing all articles
Browse latest Browse all 6409

Trending Articles