XSS vulnerability found on shop.airtel.com

Standard

I was randomly browsing through shop.airtel.com and discovered a XSS vulnerability. This involves one of the simplest forms of XSS attack, known as end title tag attack. This vulnerability is present in such web pages where the search string is directly put between title tags, without sanitizing it.

So, by simply closing the title tag and putting the script tag after it does the trick. I searched for the following in the search box on the page shop.airtel.com:

</TITLE><SCRIPT>alert("XSS ;-)");</SCRIPT>

And there it was, the alert dialog box!!! (see screenshot below)

Note: This type of vulnerability is blocked by Google Chrome’s XSS auditor, so use firefox to test it.

airtel-xss

Leave a Reply

Your email address will not be published. Required fields are marked *