Posts

Showing posts from September, 2015

XSS vulnerability in Google image search

Image
Seven days ago I reported to Google Security a XSS vulnerability I discovered in Google image search. It's not very hard to find , but it's tricky to exploit! I was looking for an image to set as my profile picture on HackerOne , I found the image I was looking for , opened it in a new tab and something in the url attracted me. The url was " http://www.google.com.eg/imgres?imgurl=https://lh3.googleusercontent.com/-jb45vwjUS6Q/Um0zjoyU8oI/AAAAAAAAACw/qKwGgi6q07s/w426-h425/Skipper-LIKE-A-BOSS-XD-fans-of-pom-29858033-795-634.png&imgrefurl=https://plus.google.com/103620070950422848649&h=425&w=426&tbnid=ForZveNKPzwSQM:&docid=OEafHRc2DBa9eM&itg=1&ei=9ID8VZufMYqwUfSBhKgL&tbm=isch " the value of the parameter "imgurl" is set to the href attribute of an <a> tag with the text "View image". So , I tried changing that parameter to "javascript:alert(1)" and boom , the href attribute changed to "j