Full Disclosure

Multiple XSS in Babylon

June 2, 2016 007admin Leave a comment

Posted by Francisco Javier Santiago Vázquez on Jun 02

I. VULNERABILITY
————————-
Vulnerability Cross-Site Scripting (XSS)

II. PROOF OF CONCEPT
————————-*URL: *

1. http://espanol.babylon-software.com/bht/index.html?trid=
2. http://traductor.babylon-software.com/ingles/a-espanol/
3. http://traduccion.babylon-software.com/?trid=

*Vector:* <img src=1 onerror=alert(“n0ipr0cs”);>/

*State:* unpathed

III. SYSTEMS AFFECTED…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information