XSS Vulnerability Found in Google Translator

An IT security expert from India who goes by the name of Christy Philip Mathew has found a critical XSS vulnerability in sub-domain of Google translator [www.translate.google.co.in].

The expert reported that this vulnerability can an be later exploited by the hackers to attack the users via session Hijacking, phishing attacks or if exploited to git, it can also infect the users with dangerous spywares, adwares and malware by uploading a simple scripted TXT file on the Internet.

The vulnerable link is mentioned below:

XSS URL: http://translate.google.co.in/translate?hl=en&sl=sq&tl=en&u=http%3A%2F%2Fdemo.offcon.org%2Ftest.html

The script will be uploaded in a txt file and can be executed while the user clicks translation tab on the website.

Follow @HackRead

XSS Vulnerability Found in Google Translator

Waqas

Add your comments:

XSS Vulnerability Found in Google Translator

Waqas

more from hack read

Facebook users targeted with ‘Wat are u Doing in This Video’ Message Phishing Scam

Israeli Defense Ministry Computer Hacked by Palestinian Hackers

Pakistani Researcher Founds Critical XSS Vulnerability on Brazzers, BMW, Toyota and Ford Website

Pakistani Security Researcher Founds XSS Vulnerability in IndiaTimes and Ask.com

Indian Security Researcher Founds XSS Vulnerability in Photobucket.com

Add your comments: