Tuesday, May 30, 2017
Home / Security / Exploits / XSS Vulnerabilities found in Major US Government sites

XSS Vulnerabilities found in Major US Government sites

The infamous @SuperSl1nk has done it again, he has found XSS DOM flaws in a total of 4 US government sites.

He showed proof yesterday via Twitter.

https://twitter.com/SuperSl1nk/status/273585944358182912

https://twitter.com/SuperSl1nk/status/273581111735619584

This includes National Geospatial-Intelligence Agency, Defence Intelligente Agency, National Geospatial-Intelligence Agency (different server), Central Intelligence Agency and NCIS.navy.mil.

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. Due to breaches of browser security, XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.

SuperSl1nk in the past has hacked a number of government agencies back in 2011, which includes the Department of Defense (DoD), Pentagon, NASA, NSA.

 

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …