XSS vulnerability in Bing.com Maps

One of the Security Researcher "Juan Sacco (runlvl)" - Insecurity Research Labs expose the Cross Site vulnerability (XSS) in Bing.com Search Engine. BING.COM is prone to a XSS vulnerability because the application failsto properly perform adequate boundary checks on user-supplied data.An attacker can exploit this issue to execute arbitrary code in thevictim's browser.

Details :
The reflected XSS vulnerability is a variant of a cross-site scriptingflaw: it occurs when the data provided by the attacker is exectued bythe browser, and then displayed on "normal" pages returned to otherusers in the course of regular browsing, without proper HTML escaping. Aclassic example of this is with online message boards where users areallowed to post HTML formatted messages for other users to read.
Vulnerable Link

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.