..:: AHSAN HACKING STUFF ::..

This is the personal blog of Ahsan Tahir (Cyber Security Researcher) You can see his PoCs and other hacking tips/tricks here!

..:: AHSAN HACKING STUFF ::..

This is the personal blog of Ahsan Tahir (Cyber Security Researcher) You can see his PoCs and other hacking tips/tricks here!

..:: AHSAN HACKING STUFF ::..

This is the personal blog of Ahsan Tahir (Cyber Security Researcher) You can see his PoCs and other hacking tips/tricks here!

..:: AHSAN HACKING STUFF ::..

This is the personal blog of Ahsan Tahir (Cyber Security Researcher) You can see his PoCs and other hacking tips/tricks here!

..:: AHSAN HACKING STUFF ::..

This is the personal blog of Ahsan Tahir (Cyber Security Researcher) You can see his PoCs and other hacking tips/tricks here!

Saturday, 23 April 2016

Stored XSS In World Beyblade Organization, Found by Ahsan Tahir

By  No comments:

SITE: World Beyblade Organization
BUG: Stored XSS (cross-site-scripting)
SECURITY RISK: High
STATUS: Patched!


Reproduction Steps :

1- Login in to your account
2- Go to Your profile and  click on edit profile
3-  Now change tumblr and set it to cross site scripting payload "><img src=x onerror=prompt(/xss-by-ahsan/)>
4- Click update profile and go to your profile , pop up will be executed!
Proof Of Concept Screen Shot:


Proof Of Concept Video:


Read More