XSS Vulnerability at the Panteion University

A reader of iGuRu.gr informed us by e-mail that he discovered an XSS vulnerability on the website of the Panteion University of Social and Political Sciences.

Together with the vulnerability report, we were also provided with an image that demonstrates the security gap.

By cross-site scripting, or XSS (it is not called CSS because that name is already used for .css files), we refer to the exploitation of various vulnerabilities in computer systems by entering HTML or script code on a website.

A malicious user could enter code on a website, for example through a text input, and if the site does not filter it properly, this could cause problems for the website administrator or the visitor. Example:

 
https://test-selida.gr?name=<script>alert("Τίτλος xss")</script>

The malicious user could achieve:

Theft of passwords, accounts and other personal data
Change website settings
Theft of
Fake (via, e.g., a link)

The vulnerability refers to the inability of the system that supports the site to filter and reject any harmful input.
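
The filtering gap described above, shown as an added example (not part of the original article and not the affected site's code): a handler that reflects the `name` parameter as-is, next to one that encodes it before output. The function names and the "Hello" page fragment are hypothetical, and the sample URL is constructed from the article's example.

```javascript
// Added example: reflected XSS through a "name" query parameter, and the fix.
// All function names here are hypothetical, not taken from any real site.

// Encode the characters that let text break out of HTML content
// or out of a quoted attribute value.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read the "name" parameter the way a server-side handler would
// (searchParams.get also undoes the percent-encoding).
function nameFromUrl(url) {
  return new URL(url).searchParams.get('name') ?? '';
}

// Vulnerable: the parameter is concatenated into the page unchanged,
// so markup in the URL becomes markup in the response.
function renderUnsafe(url) {
  return '<p>Hello, ' + nameFromUrl(url) + '</p>';
}

// Hardened: the parameter is encoded for the HTML context before output,
// so the browser displays it as text instead of parsing it.
function renderSafe(url) {
  return '<p>Hello, ' + escapeHtml(nameFromUrl(url)) + '</p>';
}

// Constructed input modelled on the article's example URL.
const sampleUrl = 'https://test-selida.gr?name=' +
  encodeURIComponent('<script>alert("Τίτλος xss")</script>');

console.log('unsafe:', renderUnsafe(sampleUrl));
console.log('safe:  ', renderSafe(sampleUrl));
```

`escapeHtml` covers HTML element content and quoted attribute values only; a value written into a script block, a URL or CSS needs the encoder for that context.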

If the site administrators are interested in more information, they can contact us at info@iguru.gr so that we can forward the vulnerability to them.

Description XSS: Wikipedia


Written by Dimitris
