SHARE

 
A Cross Site Scripting Vulnerability found in Cisco sub domain newsroom.cisco.com by a 14 Year Youngest security researcher Ali Hasan Gauri, today he reported us about his Latest vulnerability he found in Cisco sub domain. 

After reporting this Vulnerability to CISCO they fixed that. 

 
 


Ali Hasan also added:

 

Cisco fixed this XSS Vulnerability very soon But Don’t offer any reward for Researchers . 

Conversation between Ali Hasan and Cisco

  

Ali Hasan reported to Cisco

 



Cisco replied to Ali Hasan
 

–>

Screenshot taken by Ali Hasan of his Vulnerability
 
This is not the first one he reported us, he has found up to 21 Vulnerabilitiesin many sites you can see the description of those Vulnerabilities below:
This small boy is not so small, here is a details of Vulnerabilities he found in Various websites:
  1. Ebay XSS Vulnerability Found on Mar/7/2013

 

  • OLX XSS Vulnerability Found on Mar/7/2013

 

 

  • BrainTree Payments DOM Based XSS Vulnerability Found on Jan/5/2013

 

 

  • Amazon XSS Vulnerability Found on Feb/21/2013

 

 

  • GitLab Critical Bug Found on Feb/6/2013

 

 

  • Adobe XSS Vulnerability Found on Feb/23/2013

 

 

  • ChinaBuye XSS Vulnerability Found on Dec/15/2012

 

 

  • Albaraka DOM Based XSS Vulnerability Found on Jan/10/2013

 

 

  • BarracudaLabs Critical Bug Found on Feb/16/2013

 

 

  • Cnet XSS Vulnerabilities Found on Feb/27/2013

 

 

  • File Hippo XSS Vulnerabilities Found on Feb/20/2013

 

 

  • DailyMotion XSS Vulnerability Found on Feb/9/2013

 

 

  • Bidvertiser XSS Vulnerability Found on Feb/9/2013

 

 

  • W3schools XSS Vulnerability Found on Jan/29/2013

 

 

  • Microsoft Critical Bug was Discovered on Feb/12/2013

 

 

  • Apple Same Bug just like Microsoft Critical Bug was Discovered on Feb/24/2013

 

 

  • Naaptol XSS Vulnerability Found on Dec/13/2012

 

 

  • Myspace XSS Vulnerability Found on Dec/27/2012

 

 

  • US.Acer XSS Vulnerability Found on Jan/7/2013

 

 

  • Hamariweb XSS Vulnerability Found on Jan/8/2013

 

 

  • Elance XSS Vulnerability Found on Jan/14/2013 

 

For Latest Updates follow us on Facebook, Twitter and Google+

NO COMMENTS

LEAVE A REPLY

This site uses Akismet to reduce spam. Learn how your comment data is processed.