sleed Posted November 19, 2014 Report Posted November 19, 2014 (edited) Vulnerability: Multiple Cross Site Scripting Stored Status: Raported PoC*:_____________________//Edit: Stiam asta Abraxys. Nu e in blogulmeu.tumblr.etc.. @quadxenon Se executa prin post . Edited November 19, 2014 by sleed //Comment Quote
abraxyss Posted November 19, 2014 Report Posted November 19, 2014 "[yourblogname].tumblr.com can be the *source* of an exploit, but not the *target*. A post or theme which executes 'alert(document.cookie)' on your blog is not an eligible bug." Say what Quote
Active Members 0xStrait Posted November 19, 2014 Active Members Report Posted November 19, 2014 http://i58.tinypic.com/n63p7c.pngIn url bar arata tumblr[.]com, iar in pop-up assets... sunt curios de vectorul tau ()Anyway, bravo. Quote
Aerosol Posted November 19, 2014 Report Posted November 19, 2014 felicitari @sleed dupa ce primesti confirmarea (daca le-ai raportat) sa postezi si tu vectorul. Quote
quadxenon Posted November 19, 2014 Report Posted November 19, 2014 http://i58.tinypic.com/n63p7c.pngIn url bar arata tumblr[.]com, iar in pop-up assets... sunt curios de vectorul tau ()Anyway, bravo.Doar eu vad in imaginea aia tXmblr.com ? Quote
Aerosol Posted November 19, 2014 Report Posted November 19, 2014 Doar eu vad in imaginea aia tXmblr.com ?nu, acum am observat si euThe page at https://assetx.txmblr.com say: Quote