The Hack o blog

Reinventing the weel

Sony (XSS) cross site scripting.

Image representing Sony as depicted in CrunchBase

Well it is most definitely by now no secret that Sony’s online security is some what lacking,  I’m not sure when Sony will get there act together lets hope soon the only Xbox game I have is The Orange Box.

A new XSS on one of the Sony’s  support pages, has been brought to my attention and here it is.

 http://www.css.ap.sony.com/CLIE/announcement/AnnDetails.asp?Id=408%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E

Don’t worry the script is just an alert and Sony has been notified, however other  sub domains have not been tested for this XSS vulnerability.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: