XSS vulnerability in gotoquiz
- Locked due to inactivity on Dec 15, '17 3:54am
Thread Topic: XSS vulnerability in gotoquiz
-
sadboy66 Newbiethis is the geek but I was banned for finding this lol
[no urls]
example there, pretty sure there are other places this would work
there is also this really wacky bug with blockquotes on gtq, if you post a string of unclosed strikethroughs then a string of unclosed blockquote tags gtq goes wild and replicates the strikethrough tags a lot -
the cookie system is also pretty week and could reveal the password and username of a user from their cookies, which could be coupled with a request to change the password or post it
-
sadboy66 Novice>post an exploit that could be used to automatically change the password to something random for every gtq user
>get ignored
>post that someone called me gay
>hundreds banned, cops called -
Can the mods even do anything about that though?
-
sadboy66 Novicelike, all gtq guy does these days is read mod talk
-
i wish he read that forum
-
His last post on there was an entire year ago
-
Wait, who called you gay? Point me to the culprit. The hammer of justice will fall swiftly and without mercy on this degenerate. This issue has my undivided attention.
-
sadboy66 Noviceno but I am somewhat gay so it is kind of justified
-
oh
carry on then -
did some more testing and this can def be exploited to steal passwords
-
Le1F Advancedhack gtq guy
-
I'm gonna assume GTQ Guy is dead since he won't answer anyone
this is the end -
RIP GTQ Guy
-
geek is GAY?
This thread is locked, therefore no new posts can be made.
