[Owasp-delhi] Rediff Search engine XSS Vulnerability

Abhay Bhargav ab at sisa.co.in
Wed May 13 10:49:58 EDT 2009


Hi All

I have discovered that Rediff's search engine is vulnerable to Cross  
Site Scripting flaws due to output encoding issues.

Read all about it and see the PoC at my blog http://citadelnotes.blogspot.com/

Regards
Abhay Bhargav
CISSP, CISA, CPA, PCI QSA, OCTAVE Implementer
SISA Information Security Pvt.Ltd.
Bangalore, India


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090513/fe9a23af/attachment.html 


More information about the Owasp-delhi mailing list