Vulnerability Type: Cross Site Scripting (XSS)
Details/Writeup-
Google recently changed it's design of Google Play which lead to this XSS vulnerability.
Head to Google Play settings (https://play.google.com/settings)
Change Nickname of your mobile to below XSS vector-
"><img src=x onerror=prompt(1);>
and click on Update.
Now, go to any application page.
The XSS vector will execute-
Google rewarded me with 5000$ for reporting this vulnerability.
- Reported on 16 July 3013
- Fixed on 17 July 2013
Details/Writeup-
Google recently changed it's design of Google Play which lead to this XSS vulnerability.
Head to Google Play settings (https://play.google.com/settings)
Change Nickname of your mobile to below XSS vector-
"><img src=x onerror=prompt(1);>
and click on Update.
Now, go to any application page.
The XSS vector will execute-
Google rewarded me with 5000$ for reporting this vulnerability.
Posts
3 comments
excellent bro
ReplyThanks!
ReplyBEST & MOST WANTED
Replyhttp://www.boombu.com - fitness you x
http://www.sextamina.com - sex xx
http://www.aceofbeauty.com - fat loss sexy
http://www.bestbuyx.com - sex xx
http://www.theorchidx.com - orchids orchidaceae phalaenopsis care
http://www.babxyz.com - dog food xx
http://www.babysolve.com - baby potty xx
http://www.suwandri.com - options trading xx
http://www.googleclickbank.com - forex fx xx
http://www.jelema.com - fat loss xx
http://www.bestbuygameguide.com -- betting money xx
mesothelioma master xx
Post a Comment