Rediffmail XSS vulnerability disclosed

A member of the ‘NULL’ mailing-list today announced a ‘Persistent XSS’ vulnerability in the ‘subject’ parameter of RediffMail’s email application.
This Vulnerability was discovered and reported by w4rl0ck.d0wn and Rockey Killer of h4ck3r crew
Check out their PoC video at:
Rediffmail PoC
Continue reading

Advertisements