HACKED NOKIA WITH REFLECTED CROSS-SITE SCRIPTING VULNERABILITY….
Hello, Hackers Welcome to my other write-up of Nokia Hacked with RXSS Vulnerability…
This time Nokia is my target…
I started from Google Dorks…
And I discovered this url
Nokia Self-Certification IOT - Login Page
Self-Certification Platform LEGAL NOTICE You are not authorised to view, download, print, copy, distribute or use the…
As you can see the msg parameter says ‘Session Timed out. Please Login Again’
LOOK INTO STEPS:
- Simply I entered script tag into message parameter like this <script></script>
2) I enterd this payload into messsage parameter.
Impact of Reflected XSS:
Attackers use phishing emails, malicious links, and other techniques to trick victims into making a request to the server. The reflected XSS malicious data is then executed in the victim’s browser.
Youtube Video: https://youtu.be/e9kpmCajTzA
Thanks for taking the time to read my write-up and share it with your friends, Like & Follow for more updates.