sleed Posted November 19, 2014 Report Share Posted November 19, 2014 (edited) Vulnerability: Multiple Cross Site Scripting Stored Status: Raported PoC*:_____________________//Edit: Stiam asta Abraxys. Nu e in blogulmeu.tumblr.etc.. @quadxenon Se executa prin post . Edited November 19, 2014 by sleed //Comment Quote Link to comment Share on other sites More sharing options...
abraxyss Posted November 19, 2014 Report Share Posted November 19, 2014 "[yourblogname].tumblr.com can be the *source* of an exploit, but not the *target*. A post or theme which executes 'alert(document.cookie)' on your blog is not an eligible bug." Say what Quote Link to comment Share on other sites More sharing options...
Active Members 0xStrait Posted November 19, 2014 Active Members Report Share Posted November 19, 2014 http://i58.tinypic.com/n63p7c.pngIn url bar arata tumblr[.]com, iar in pop-up assets... sunt curios de vectorul tau ()Anyway, bravo. Quote Link to comment Share on other sites More sharing options...
Aerosol Posted November 19, 2014 Report Share Posted November 19, 2014 felicitari @sleed dupa ce primesti confirmarea (daca le-ai raportat) sa postezi si tu vectorul. Quote Link to comment Share on other sites More sharing options...
quadxenon Posted November 19, 2014 Report Share Posted November 19, 2014 http://i58.tinypic.com/n63p7c.pngIn url bar arata tumblr[.]com, iar in pop-up assets... sunt curios de vectorul tau ()Anyway, bravo.Doar eu vad in imaginea aia tXmblr.com ? Quote Link to comment Share on other sites More sharing options...
Aerosol Posted November 19, 2014 Report Share Posted November 19, 2014 Doar eu vad in imaginea aia tXmblr.com ?nu, acum am observat si euThe page at https://assetx.txmblr.com say: Quote Link to comment Share on other sites More sharing options...