XSS Vulnerability in Interactive YouTube API Demo Beta
There is a Critical Cross site XSS Vulnerability in Interactive YouTube API Demo Beta, Discovered by various sources. One of the White Hat Hacker "Vansh Sharma" Inform us about this XSS Vulnerability with proof of concept.Proof Of Concept :
- Open https://gdata.youtube.com/
- Enter script <img src="<img src=search"/onerror=alert("xss")//"> in the keyword area.
- Press ADD