XSS vulnerability Found On SourceForge.net

SourceForge Vulnerable To Cross Site Scripting Injection

A security researcher WilyXem from spain has discovered Reflected cross site scripting vulnerability in SourceForge(sourceforge.net).

SourceForge is a web-based source code repository. It acts as a centralized location for software developers to control and manage free and open source software development.

The vulnerability exists in the job finding page of sourceforge. The developer fails to validate input coming frin the text box that allows user to search jobs.

This left the text field vulnerable to attack.

jan 23, 2013   

GET OUR TOP STORIES

FOLLOW THEHACKERSBLOG

The poc code:
sourceforge.net/jobs?age=1&text=1%22%3E%3Cscript%3Ealert%28%22WilyXem%20==%20UnderC0de.org%22%29%3C/script%3E&zip=10003&submit=Search

Tweet Tweet to @TheHackersBlog Catch Us On Google+
Source - e Hacking News

◙   Stay Connect with Us:- Facebook  §   Twitter   §   Google+   §   LinkedIn   §   YouTube  §   Email Us   ◙ 

Article written by Niraj kashyap [ Admin ]

NiRaj KashYap aka Root_Crawler is Founder and Editor-In-chief of TheHackersBlog. Also he is a Certified Information Security Expert [C.I.S.E], Web-Designer, PHP programmer. Blogger and a Strong Supporter of Anonymous and WikiLeaks. My Effort is to make Security Much Stronger. .  

▲Want to SUBMIT you News ◙ Click Me↓ ( its Totally Free ) ◙ 

|||  Or Want to Write For Us ◙ Click Me ◙ ▲

THE ARTICLE IN THIS POST IS FOR INFORMATIVE AND EDUCATIONAL PURPOSE ONLY..FOR MORE INFORMATION OR FOR ANY QUERIES CONTACT US.