Sunday 13 November 2011

Programmersheaven.com Persistent XSS Vulnerability

A very very popular website that provides resources to the beginner, intermediate and advanced programmers, www.programmersheaven.com suffers from persistent XSS vulnerability which is very critical.

Original credits for finding the flaw goes to Learn3r aka DaNePaLI who suggested me the vulnerability and gave permission to mail it to the programmersheaven.com team.

Check the URL http://www.programmersheaven.com/download/40665/download.aspx to see the vulnerability in action.

Screenshot: