Cybersecurity

A particular class of attacks commonly referred to as "code insertion" and often "Cross-Site Scripting" has become increasingly popular. Yesterday we reported about Cross site scripting bug Paypal and Apple.

Hacker from Inj3ct0r Team reported a XSS Cross site scripting Vulnerability on MSN.com website. Vulnerability exist of a subdomain of MSN at https://news.de.msn.com/. Details posted in an advisory. Cross site scripting occurs when a web application gathers malicious data from a user.
The Hacker News

Hackers said that, "The goal is to close the capabilities gap between the cyber-criminals and white hats, by enabling defenders to perform more comprehensive testing of their defenses."

According to report, this XSS is working perfectly with Internet Explorer and Opera web browser, Proof of Concept URL's are posted in advisory and Image as shown.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.