XSS bug found. | ww.wp.xz.cn

Hacked
(@applemonz)

12 years ago

Hi,
I found a XSS bug in this plugin.

Step to reproduce.

1:- Go to the Plugin settings.

2:- Add the payload to the OAuth Token box.

3:-Boom we will get the XSS.

Payload:- “><img src=x onerror=prompt(‘XSS’);>

https://ww.wp.xz.cn/plugins/bitly/

The topic ‘XSS bug found.’ is closed to new replies.

Tags

xss

0 replies
1 participant
Last reply from: Hacked
Last activity: 12 years ago
Status: not resolved