(http://img195.imageshack.us/img195/5343/wififileexplorer.png)
Aplicacion de android Wifi file explorer
Vector: <script>alert('xss');</script>
Resportado: SI
CitarHi Paul!
I'm ANTRAX, user of Underc0de (www.underc0de.org), this is a comunity of Security Research. We are White Hat and we report bugs to vulnerable sites.
Today while I used Wifi file explorer, I found a XSS in the search box of the aplication.
To reproduce the bug:
Enter to the website aplication
1.- http://192.168.x.x:8000
2.- Put in the search box: <script>alert('xss');</script>
3.- Push enter
Please, see the attached screenshot
(http://img195.imageshack.us/img195/5343/wififileexplorer.png)
if you need help to fix the bug, just tell us and we help you!
Our group does not charge money for this report, but if you want to help our community that continue to grow, please put our link on your site and we will continue reporting bugs!
Best Regards!
Underc0de Security Research