Stored XSS on Shoutjax.com

A stored cross site scripting vulnerability located in every shoutbox of shoutjax.com
Simply type in any javascript payload.
<script>alert(1)</script>
Fixed on: 5/10/2012
shoutjax

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s