Another XSS injection in Rambler.
Based on habratopik . I decided to look at other search services of the Rambler, FTP-Search turned out to be
vulnerable
Alas, having fixed in one place they forgot in the rest ...
UPD . I was very surprised at the number of search engines that couldn’t handle such garbage (Au.ru, Webalta) ...
vulnerable
)%253C/script%253E){kind=link}
Alas, having fixed in one place they forgot in the rest ...
UPD . I was very surprised at the number of search engines that couldn’t handle such garbage (Au.ru, Webalta) ...
')
Source: https://habr.com/ru/post/47679/
All Articles