XSS on one of the most visited Polish websites

Today I found an XSS vulnerability on one of the most visited Polish websites (Goldenline.pl) – but what is bad is that it is a really simple type of XSS.

Why are they not filtering any input?! It is completely incomprehensible!
