Thursday, October 28, 2010

Paper.li vulnerable to XSS


Read Twitter as a daily newspaper

paper.li organizes links shared on Twitter into an easy to read newspaper-style format. Newspapers can be created for any Twitter user, list or #tag.

POC:

http://paper.li/ToolsWatch/~list?sort=by_src&tag=XSS

And funny html injection

http://paper.li/ToolsWatch/~list?tag=XSS

No comments: