Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

Flash-Based XSS

POC

Send the payload in the URL for the SWF file:

http://testURL.swf?link=javascript:alert(document.domain)

Note: This is a broad concept; the above payload is just an example.
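To find requests of the kind shown in the POC, the following added example (not part of the wiki entry) audits access-log request targets and flags any .swf request with a query parameter holding an absolute URL whose scheme is not http or https. The file name player.swf, the autoplay parameter, the sample targets and the function names are assumptions made for illustration.

```javascript
// Added example (not from the wiki). Request targets below are constructed.
const ALLOWED_SCHEMES = new Set(['http:', 'https:']);

// Scheme of a parameter value ("javascript:", "https:", ...), or null when
// the value is not an absolute URL (plain text, number, relative path).
function schemeOf(value) {
  try {
    return new URL(value).protocol; // the URL parser lowercases the scheme
  } catch {
    return null;
  }
}

// Inspect one request target from an access log. Returns one finding per
// query parameter of a .swf request whose value is an absolute URL with a
// scheme outside the allowlist.
function auditSwfRequest(target) {
  // The base URL is a placeholder so that path-only log entries parse.
  const url = new URL(target, 'http://placeholder.invalid');
  if (!url.pathname.toLowerCase().endsWith('.swf')) return [];
  const findings = [];
  // searchParams yields percent-decoded values, so "%3A" is seen as ":".
  for (const [param, value] of url.searchParams) {
    const scheme = schemeOf(value);
    if (scheme !== null && !ALLOWED_SCHEMES.has(scheme)) {
      findings.push({ target, param, scheme });
    }
  }
  return findings;
}

// Audit a list of request targets and collect all findings.
function auditLog(targets) {
  return targets.flatMap(auditSwfRequest);
}

// Constructed sample request targets, as they might appear in an access log.
const SAMPLE_TARGETS = [
  '/player.swf?link=javascript:alert(document.domain)',              // flagged
  '/player.swf?link=https://www.example.com/help',                   // allowed scheme
  '/player.swf?link=/account/settings',                              // relative link
  '/index.html?link=javascript:alert(document.domain)',              // not a SWF request
  '/player.swf?link=javascript%3Aalert(document.domain)&autoplay=1', // flagged (encoded colon)
];

for (const f of auditLog(SAMPLE_TARGETS)) {
  console.log(`${f.scheme} in "${f.param}": ${f.target}`);
}
```

The same scheme allowlist is the check a SWF would need to apply to its link parameter before using it as a navigation target.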

Impact

Medium

Likelihood

Medium