One of friends showed me this website long time back - Joberix.com - a job search engine. Wait, I am not trying to market this website or review this website, that is not my interest either!.
Just like any other search engine, this site simply searches based on keywords and when I searched for "Sales Executive" ( I am not a sales executive though ;-)) it took me to a conventional results page like this.
What is interesting here is what happens when I search for a string like "<style>body {background: red;}</style>Gotcha! Now this is how you do client side code injection!!" the results page changes like this. Or when I search for something like "<script>var x=document.cookie;alert("Arun Ragh now have access to your Joberix cookies - " + x);</script>" it take me to a very vulnerable page like this. I can basically read all your Joberix related cookies which I can always use it to fake requests from your joberix account.
It is a simple but a very critical client-side code injection mechanism in websites to get access to your password protected data, but I am still wondering why Joberix.com is not bothered to fix this issue. :-)
As I published this post I realized that blogspot.com also has this vulnerability. :-P
Saturday, September 4, 2010
Subscribe to:
Posts (Atom)