Videos
Published on November 30th, 2019 📆 | 7040 Views ⚑
0Sony Vaio Cross Site Scripting | XSS us.vaio.com
Free Text to Speech
I was going through in us.vaio.com and came across a page. The Page contains a post regarding "Windows 10 Fall Creators Update". At the end of the post there is widget box of "Was this article helpful?". I capture the HTTP request through Burp Proxy and observe the it contain Feedback box and has a unique id of feedback. It was POST request, I replace the 'id' parameter to XSS Payload and Boom. It executes the payload.
video, sharing, camera phone, video phone, free, upload
2019-11-30 19:12:18
source
Gloss