[+] Exploit Title : American University Washington XSS Vulnerability
[+] Exploit Author : 4TT4CK3R
[+] Tested on : Windows , Mac , Linux kali (sana)
[+] Home Page : http://american.edu
[+] Vulnerable Address : https://www.wcl.american.edu/search.cfm?q=
[+] Description :
Recently we discovered XSS vulnerability on the American University Washington website.
if you want to search any string on the website , this website printed your searched string
in the url and you can change it from here.
ok .. we can pentesting XSS vulnerability on this website.
For doing this pentesting we can using more bypass methods of this vulnerability.
For example we searching "xss" string.
URL of websited changed to this type :
https://www.wcl.american.edu/search.cfm?q=xss#gsc.tab=0&gsc.q=xss&gsc.page=1
ok. now we can running xss scripts with different bypass methods of this vulnerabuility.
We can use 'head' bypass method for pentesting xss vulnerability on this website ... Therefore :
"" 'head' <" /><script>alert('xss')</script>" 'head' >""
now on this website :
https://www.wcl.american.edu/search.cfm?q=%22%22%20%27head%27%20%3C%22%20/%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%22%20%27head%27%20%3E%22%22#gsc.tab=0&gsc.q=salam&gsc.page=1
[+] ScreenShot :
https://i.imgsafe.org/95d0fe66df.jpg
[+] Exploited by 4TT4CK3R
[-] Patching soon ...
[+] Exploit Author : 4TT4CK3R
[+] Tested on : Windows , Mac , Linux kali (sana)
[+] Home Page : http://american.edu
[+] Vulnerable Address : https://www.wcl.american.edu/search.cfm?q=
[+] Description :
Recently we discovered XSS vulnerability on the American University Washington website.
if you want to search any string on the website , this website printed your searched string
in the url and you can change it from here.
ok .. we can pentesting XSS vulnerability on this website.
For doing this pentesting we can using more bypass methods of this vulnerability.
For example we searching "xss" string.
URL of websited changed to this type :
https://www.wcl.american.edu/search.cfm?q=xss#gsc.tab=0&gsc.q=xss&gsc.page=1
ok. now we can running xss scripts with different bypass methods of this vulnerabuility.
We can use 'head' bypass method for pentesting xss vulnerability on this website ... Therefore :
"" 'head' <" /><script>alert('xss')</script>" 'head' >""
now on this website :
https://www.wcl.american.edu/search.cfm?q=%22%22%20%27head%27%20%3C%22%20/%3E%3Cscript%3Ealert(%27xss%27)%3C/script%3E%22%20%27head%27%20%3E%22%22#gsc.tab=0&gsc.q=salam&gsc.page=1
[+] ScreenShot :
https://i.imgsafe.org/95d0fe66df.jpg
[+] Exploited by 4TT4CK3R
[-] Patching soon ...
Açık kapatılmış hocam ..
YanıtlaSil