Tag: Cross Site Scripting

Overview ASUS Router RT-N10 Plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the result_of_get_changed_status.asp script. A remote authenticated attacker could exploit this vulnerability using the flag parameter in a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once […]

Couple of days back, I reported XSS and Content Spoofing on LinkedIn. Here are the details of the issues. Cross Site Scripting: What is Cross Site Scripting? XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session […]