A reader of iGuRu.gr επικοινώνησε μαζί μας μέσω email για να μας ανακοινώσει μια ευπάθεια XSS που ανακάλυψε σε μια ιστοσελίδα του Whatsup.gr.
The message states:
"Good evening,
… ..The blank is of type XSS and is on its page http://m.whatsup.gr/
We have sent you similar ones in the past security gaps, where you have published them, and in some there was a response from the responsible administrators, that is why we are now also sending you the blank on the WhatsUp page, so that the responsible ones can deal with it.
I have attached the image that clearly shows the XSS, of course and for the sake of truth I can send you exactly the blank. "
Another email with her followed address where is the problem. We won't publish the XSS of course, but it's here for anyone from the WhatsUp admin team to check.
It follows screenshot sent to us by our reader who reported the security flaw.