Nishant Das Patnaik


# Exploit Title: Non Persistent XSS in Link Redirection CGI Script
# Date: 20th January 2010
# Author: Nishant Das Patnaik
# Link:
# Version: NA
# Tested on: NA
# CVE : NA
# Code : The above-mentioned link can be manipulated by appending a malicious encoded URL and can be used for phishing. When sent to an unsuspecting Rediff user by email, the link may redirect to a fraudulent website used for phishing. This is possible because the redirection script doesn't use a URL token for each legitimate redirection link it generates.
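
One way to implement the per-link URL token the advisory says is missing, as an added example (not code from the original advisory or from the affected site): each generated link carries an HMAC of its target, and the redirector refuses any link whose token does not verify. The secret key, the `/redirect` path and the `url`/`tok` parameter names are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumption: a server-side secret; this value is constructed for the example.
SECRET_KEY = b"constructed-example-key"
# Hypothetical path of the redirection script.
REDIRECT_PATH = "/redirect"


def _token(target: str) -> str:
    """HMAC-SHA256 of the target URL, hex encoded."""
    return hmac.new(SECRET_KEY, target.encode("utf-8"), hashlib.sha256).hexdigest()


def make_redirect_link(target: str) -> str:
    """Build a redirect link that carries a token bound to its target."""
    return REDIRECT_PATH + "?" + urlencode({"url": target, "tok": _token(target)})


def resolve_redirect(link: str):
    """Return the target URL if the link is one we generated, else None."""
    params = parse_qs(urlsplit(link).query, keep_blank_values=True)
    targets = params.get("url", [])
    tokens = params.get("tok", [])
    # Missing or repeated parameters are rejected outright.
    if len(targets) != 1 or len(tokens) != 1:
        return None
    target, token = targets[0], tokens[0]
    # Constant-time comparison; a changed or appended URL fails here.
    if not hmac.compare_digest(_token(target).encode(), token.encode()):
        return None
    # Even with a valid token, only absolute http(s) targets are followed,
    # so script-bearing schemes never reach the Location header.
    parts = urlsplit(target)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    return target


if __name__ == "__main__":
    link = make_redirect_link("https://example.com/news?id=1")  # constructed sample
    print(link)
    print(resolve_redirect(link))
    print(resolve_redirect(link.replace("example.com", "phish.example")))
```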

