Cross-site scripting is a security hazard that allows crackers to interfere with your program’s logic by inserting their own logic. – www.google.com.ph/search?q=define+xss
The 2 government websites of United States are the following:
- Argonne National Laboratory
A sub domain is affected (mcs.anl.gov)
Proof of concept:
URI here. .
- National Oceanic and Atmospheric Administration
Proof of Concept:
Both websites fail to sanitize the p parameter.
In addition to those websites, the official website of mozilla appears also being pawned by Megafab. If you will visit this proof of concept link sent to me, a pop up message will show, “megafab was here.”
Like us on Facebook to be updated! View all details here.