YouTube XSS Vulnerability [Stored -> Self Executed]

Bug Type: Stored XSS Vulnerability | Self Executed
Vulnerable parameter: Playlist Name
Status: Fixed

Detailed WriteUp: Hey all 🙂, last month I reported a Stored XSS vulnerability to Google which was in the YouTube playlist module. The playlist name was not being sanitized properly, which caused JS code to be executed in a few parts of the site.

Reproduction Steps:
1. Create a playlist named [ t" onmouseover=alert(/xss/); a=" ] (without the square brackets [ ]).
2. There are multiple places where the above JS code will execute. One: click Edit on any of your uploaded videos, then on the editor page click Add to Playlist. When you mouse over the playlist name, the above JS code executes. The other place where the code executes is when uploading a video, where it asks for Add to Playlist.
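Why that playlist name becomes a live event handler, and how output escaping stops it, shown as an added example that is not YouTube's code or part of the original report. It assumes the name was concatenated into a double-quoted HTML attribute; the function names, the markup and the simplified attribute scanner are hypothetical.

```javascript
// Constructed sample input: the playlist name from the reproduction steps,
// typed with plain double quotes.
const SAMPLE_NAME = 't" onmouseover=alert(/xss/); a="';

// Vulnerable pattern (assumed): user text concatenated into a quoted attribute.
function renderUnsafe(name) {
  return '<li class="playlist" title="' + name + '">' + name + '</li>';
}

// Encode the characters that can close an attribute value or open a tag.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened form: the same template, with the name escaped at output time.
function renderSafe(name) {
  const safe = escapeHtml(name);
  return '<li class="playlist" title="' + safe + '">' + safe + '</li>';
}

// Simplified scanner (not a full HTML parser): lists the attribute names
// found in the first opening tag of the markup.
function attributeNames(html) {
  const openTag = html.slice(0, html.indexOf('>') + 1);
  const attr = /\s([^\s"'=<>\/]+)\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/g;
  return [...openTag.matchAll(attr)].map((m) => m[1]);
}

// Regression check: did stored text introduce an on* event-handler attribute?
function hasEventHandler(html) {
  return attributeNames(html).some((n) => /^on/i.test(n));
}

console.log(attributeNames(renderUnsafe(SAMPLE_NAME))); // title is cut short, handler appears
console.log(attributeNames(renderSafe(SAMPLE_NAME)));   // only the template's own attributes
```

In browser code, building the element with createElement, setAttribute and textContent avoids the string concatenation entirely.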

Thanks Google for the reward.

On October 4 I reported another XSS in YouTube. Will blog about that after the fix.
Thanks for reading 🙂
