
###################################
# Website: http://www.wbhealth.gov.in
# Bug: XSS
# Date: 22.12.08
##################################
Vulnerable URL: hxxp://www.wbhealth.gov.in (Site-Search feature)
Pages: site_search.asp, and site_search_result.asp
Text book style XSS for you ladies and gentlemen

Fix input validation in the search box for god's sake before people ruin the website.
Cheers :)
Kish
No comments:
Post a Comment