doc/bugs/XSS_Alert...__33____33____33__.html

   1 Respected Sir,
   2 Your website "webconverger.org" is vulnerable to XSS Attack.
   3
   4 Vulnerable Links:
   5 webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1
   6
   7 How To Reproduce The Vulnerability :
   8 1. Go to this link : webconverger.org/ikiwiki.cgi?action=verify&do=signin&openid_identifier=1
   9 2. refresh the page and intercept the http request using "brup suite" then at parameter "openid_identifier=" put xss payload
  10 3. forward the request
  11
  12 XSS Payload :
  13 1. "></script><script>prompt(909043)</script>
  14 2. "></script><script>prompt("XSS Alert...!!! : Hacked By Raghav Bisht")</script>
  15 3. "></script><script>prompt(document.cookie)</script>
  16
  17 NOTE : Proof of concept is attached.
  18
  19
  20 Thank You...!!
  21
  22
  23 Your Faithfully,
  24 Raghav Bisht
  25 raghav007bisht@gmail.com
  26
  27 > Thanks Raghav for reporting this issue. I've fixed it in ikiwiki.
  28 >
  29 > --[[Joey]]