Thursday, May 3, 2012

Microsoft Bug #1: Cross-Site Scripting (XSS) Found in

Sow Ching Shiong, an independent vulnerability researcher has discovered a Cross-Site Scripting (XSS) vulnerability in, which can be exploited by an attacker to conduct XSS attacks.

Proof of concept
Tested in IE9 with XSS filter enabled
============================ by Sow Ching Shiong/%2529%253B%253C%252Fscript%2520%253E

This vulnerability has been confirmed and patched by Microsoft Security Team. I would like to thank them for their quick response to my report.

Microsoft White Hat

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.