Black Hat Schedule website vulnerable to cross-site scripting
Poc:
http://blackhat2010.sched.org/venue/Break/XSS
http://sched.blackhat.com/venue/IFRAME
http://sched.blackhat.com/venue/Opening%20Ceremonies/XSS
the old bug seems to be fixed but you can still see the mirror on xssed.com
No response to “Black Hat Schedule XSS again”
Leave a reply