www.Orkut.com, the social networking site from Google, one of the biggest e-business company, still very much exposed to the XSS bug. Even though on orkut's official blog the orkut team says that they have fixed the bug and the new features of the orkut scrapbook cannot be exploited anymore, but the problem is still there and seems to be at large. As per the orkut team "..We believe that this action has been effectively stopped" but here below I am sharing a small script that does the trick on your orkut scrapbook.
If someone copies the below script and sends you a scrap in your scrapbook, you automatically are logged out of orkut. And even if you try login again and go to your scrapbook, you are logged out again. I would suggest not trying this with your friends, because if you do so.. they might not know how to delete your scrap and could never come out of this problem.
Here is the script, which when copy pasted in your friends scrapbook. does the trick
Also there is a method of avoiding these kinds of XSS bug in your scrapbook and also there is a method by which one can delete these kind of scraps (Will write about it latter some time). [via]
Update : This is blocked by orkut and not working anymore.
Labels:
News
,
Security
0 comments:
Post a Comment
Wanna say something? Use the below comment box to reach me.