I was so deprived of caffeine today so I couldn't do any work except erring in the dark sides of the internet till I got to the skype home page. Once there, the first thing I tried was of course some XSS injection, that's just a 'weby' thing, I can't help it.
I was amused to see that after 3 characters, the skype home page started to show beatiful html code where it should not, a very good sign for an XSS injection.
Here you go, on the home page, locate the "See how little it costs to call phones and mobiles with Skype" search box and type -"> , you should get something like this :
Now type in your favorite XSS verse, I use < script > alert(document.cookie) < /script >, Voilà! the result:
I was amused to see that after 3 characters, the skype home page started to show beatiful html code where it should not, a very good sign for an XSS injection.
Here you go, on the home page, locate the "See how little it costs to call phones and mobiles with Skype" search box and type -"> , you should get something like this :
Now type in your favorite XSS verse, I use < script > alert(document.cookie) < /script >, Voilà! the result:
