Hello... Go! Black Hat is another blog for Pure Black Hat Hacking Guides.

XSS on Feedly.com

According to Alexa, Feedly's global rank is 393 and its Google PR is 7/10, which are quite niche. Many of you have not heard about Feedly, but after Google Reader died, according to blogs like PCMag, Gizmodo, Verge and many more, it has been the number one choice for RSS reader. If you are a person who loves reading several blogs, like me, Feedly is for you. It takes all the news or blog titles and shows them on one screen.

It was a simple persistent XSS: as soon as I typed <img src=x onerror=prompt(1)> into the search bar, the alert pop-up came out!
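The fix for this class of bug is to encode the stored search term for the context it is written into. The sketch below is an added example, not Feedly's code and not part of the original post; the storage array and the function names (savedSearches, saveSearch, renderUnsafe, renderSafe, escapeHtml) are hypothetical, and it assumes the term is stored and later rendered into a list of links.

```javascript
// Added example: constructed code, not Feedly's implementation.
// All names here are hypothetical.

// Constructed stand-in for server-side storage of search terms.
const savedSearches = [];

function saveSearch(term) {
  savedSearches.push(String(term));
}

// HTML-encode the five characters that can change parsing context in
// element content and in quoted attribute values.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable pattern: the stored term is concatenated into markup as-is,
// so the browser parses it as an element carrying an event handler.
function renderUnsafe() {
  return savedSearches
    .map((t) => `<li><a href="/search?q=${t}">${t}</a></li>`)
    .join('\n');
}

// Hardened pattern: percent-encode the term for the URL component, then
// HTML-encode the attribute value; HTML-encode the term for the text node.
function renderSafe() {
  return savedSearches
    .map((t) => {
      const href = escapeHtml('/search?q=' + encodeURIComponent(t));
      return `<li><a href="${href}">${escapeHtml(t)}</a></li>`;
    })
    .join('\n');
}

// The string reported in the post, plus a benign term (constructed input).
saveSearch('<img src=x onerror=prompt(1)>');
saveSearch('rss & "feeds"');

console.log('unsafe:\n' + renderUnsafe());
console.log('safe:\n' + renderSafe());
```

In the safe output the reported string shows up as visible text in the list instead of being parsed as an image element.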

After that I reported this vulnerability to Feedly, and after a few days I got their reply.

And the next day, I got a Feedly Pro account :)

Here is the YouTube video for the same vulnerability.
