Given any scripting string in search box of the above mentioned website, xss will be there..!!http://www.dare2compete.com/search/keywords/%22%3E%3Cimg%20src%3Dx%20onerror%3Dprompt%281%29%3E
Now the bug is fixed according to dare2compete security team :)
No comments:
Post a Comment