Indian Security Researcher, Nikhil Kulkarni, has discovered Reflected Cross site scripting vulnerability in the official website of CrunchBase, a free wiki-style directory of people, technology companies, and investors.
The real name field in the User page found to be vulnerable to XSS attack. Nikhil immediately report about the vulnerability to TechCrunch and was told not to disclose this
Reflected XSS Vulnerability in Crunchbase
Comments