
Vulnerability Description=> Cross-site scripting is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
1. Go to the site (http://ordermanagementscript.com/demo/video-newspaper/) β β β β

2. In Search Bar paste this code => ‘><img src=x onError=prompt(“Aniket”) >β β β β

3. You will see an XSS popup onscreen β β β β


Leave a Reply