Saturday, September 23, 2017
Home / Security / Exploits / Persistent XSS Found on Blogspot

Persistent XSS Found on Blogspot

A security researchers that goes by the name ANTRAX, also an admin over at Underc0de.org, has contacted us with a vulnerability he found on Blogspot.com, which is owned by Google.

The exploit in question is a persistent XSS, which when exploited will be stored and executed every visit.

The persistent (or stored) XSS vulnerability is a more devastating variant of a cross-site scripting flaw: it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on “normal” pages returned to other users in the course of regular browsing, without proper HTML escaping. A classic example of this is with online message boards where users are allowed to post HTML formatted messages for other users to read.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …