[Full-disclosure] MBT Xss vulnerability

[Jerome Athias]

Hey guy, do you know something about XSS
1) Phishing?
2) encoded URL, UTF8...?
3) cookie steal?
...

it'll not be difficult to reproduce a website and have an url difficult
to understand for a basic user...
sure it's harder to spoof the url in the browser...
//

Native.Code a écrit :
> What a lame vulnerability it is. If your POC redirects to another site
> (which is not MBT site), how someone will become victim and believe that
> he/she is doing business with MBT?
>
> Your post is yet another proof that FD is more and more inhibited by scipt
> kiddies. Get a life!
>   


---------------------------------------------------------------------------------------------------------
About FD:
"Speech is silver, but silence is gold"


/JA
/https://www.securinfos.info/