The Hacker News

XSS (Cross site Scripting) Vulnerability discovered on Google Code website as shown. Claimed to be Discovered by Vansh Sharma & Vaibhuv Sharma.

Proof Of Concept: Just go to https://code.google.com/apis/ajax/playground/ and then click on edit HTML after that remove all the codes and type this script:
<img src="<img src=search"/onerror=alert("XSS")//">
And click on DEBUG CODE, and then first it will show you "Sample must have <head> element" click OK and wait for the window to load if nothing happen then try the same thing again or simply you can click on RUN CODE, and you will get a popup which is XSS.

Another Similar XSS posted by +Pirate, as posted on HackForum Community.
The Hacker News


Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.