A particular class of attacks commonly referred to as “code insertion” and often “Cross-Site Scripting” has become increasingly popular. Yesterday we reported about Cross site scripting bug Paypal and Apple.

Hacker from Inj3ct0r Team reported a XSS Cross site scripting Vulnerability on MSN.com website. Vulnerability exist of a subdomain of MSN at http://news.de.msn.com/. Details posted in an advisory. Cross site scripting occurs when a web application gathers malicious data from a user.

Hackers said that, "The goal is to close the capabilities gap between the cyber-criminals and white hats, by enabling defenders to perform more comprehensive testing of their defenses."

According to report, this XSS is working perfectly with Internet Explorer and Opera web browser, Proof of Concept URL's are posted in advisory and Image as shown.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.