29 March 2013

Another Stored XSS in Facebook.com

29 March 2013,

Hi, I wanted to share my finding in regard to Stored XSS in Facebook.com. First, I need to state that finding any Stored XSS […]

31 December 2012

swfupload.swf XSS

31 December 2012,

Hi, Just want to share my finding, I found another XSS Vulnerability in swfupload.swf PoC:     http://demo.swfupload.org/v220/swfupload/swfupload.swf?buttonText=%3Ca%20href=%22javascript:alert%28top.location%29%22%3EClick+For+XSS%20%3Cfont%20size=%2216%22%3E%3C/a%3E   Vulnerable Parameter: buttonText Vulnerable Code: […]