XSS in SnapDeal.com
Threat/Vulnerability: Cross site scripting a.k.a XSS, URL Redirection
Severity : Moderate
Author: Karthik R a.k.a 3psil0nlambda
I have informed the owner (CEO) but got no response, acknowledgement of receipt of the mail.
About the Site:
India’s fastest growing shopping site.
*XSS a.k.a Cross site scripting
Once found out the Vulnerability, it can be used in the following URL to create any attacks.
*Installing malware in the name of Snapdeal.com and gain credit card and other important credentials
*Phishing URL Redirection, and gain login-ID and password
URL used for crafting attacks:-
Greetz to side-effects, r4dc0re, lord crusader, team inject0r