| Wednesday May 25th 2016

Universal XSS In PDF

generic dvd codeMore XSS (Cross-site Scripting) fun! After yesterday’s post I realized that not everyone reads hacker blogs so I feel it as my duty to post it here. Stefano Di Paola and Giorgio Fedon have found a universal XSS in PDF. RSnake found also a vulnerability on local PDF file execution. This is bad people; Every server in this universe that host PDF files can be used by phishers to execute XSS in the users browser, and that’s a lot. Adobe has issued a patch which you can download. So go upgrade your PDF reader. I show you the way how it is being done here:

Normal PDF:



Related Posts: On this day...

Leave a Reply

You must be logged in to post a comment.