Tuesday, February 10, 2009

Fresh stock: XSS in NASA

###############################
# Website: http://www.nasa.gov
# Open source & NASA
# Bug: XSS
# Date: 10.02.09
#############################



Vulnerable URL: hxxp://opensource.gsfc.nasa.gov/feedback.php
POST-based XSS: any field

Click here for POST request

Fix: add input validation to all the fields.

Cheers,
Kish
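
A server-side sketch of the fix recommended above, added here as an example; it is not code from the post or from the NASA site. The field names and length limits are hypothetical, since the post does not list the form's fields. Every expected POST field is validated, and every value is HTML-encoded when it is written back to the page, because validation alone leaves markup in free-text fields intact.

```php
<?php
declare(strict_types=1);

// Hypothetical field list: name => [max length in bytes, optional filter].
const FIELDS = [
    'name'    => [100, null],
    'email'   => [254, FILTER_VALIDATE_EMAIL],
    'comment' => [2000, null],
];

/** Encode a value for an HTML text or quoted-attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Validate every expected field; fields not in FIELDS are ignored.
 * Returns [clean values, error messages keyed by field].
 */
function validate_feedback(array $post): array
{
    $clean = [];
    $errors = [];
    foreach (FIELDS as $field => [$maxLen, $filter]) {
        $raw = $post[$field] ?? '';
        if (!is_string($raw)) {            // e.g. name[]=x arrives as an array
            $errors[$field] = 'invalid type';
            continue;
        }
        $raw = trim($raw);
        if ($raw === '' || strlen($raw) > $maxLen) {
            $errors[$field] = 'missing or too long';
        } elseif ($filter !== null && filter_var($raw, $filter) === false) {
            $errors[$field] = 'bad format';
        } else {
            $clean[$field] = $raw;
        }
    }
    return [$clean, $errors];
}

// Constructed sample request; the comment field carries markup.
$post = ['name' => 'Test User', 'email' => 'user@example.org',
         'comment' => '<b onmouseover="x">hi</b>'];
[$clean, $errors] = validate_feedback($post);
foreach ($clean as $field => $value) {
    // The comment passes validation unchanged; encoding at output is what
    // turns its angle brackets and quotes into inert entities.
    printf("<dt>%s</dt><dd>%s</dd>\n", h($field), h($value));
}
```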
