Cross-site scripting (XSS) vulnerability fixed on White House Site

On March 21st, a Georgian Security Expert,Ucha Gobejishvili ( longrifle0x ), discovered xss vulnerability on the official White House Website.He published it on his blog and contacted the person in charge of the website to inform him about this issue..The vulnerability was in the search module of the official website.

The screenshot above is a proof of the vulnerability discovered by the security expert.

Vulnerable Link:

Link: http://search.whitehouse.gov/search?utf8=%E2%9C%93&query=%3Cscript%3E%3C%2Fscript%3E%3Cmarquee%3Evulnerability%3C%2Fmarquee%3E&locale=en&m=&embedded=&affiliate=wh&filter=moderate&commit=Search

After the administrator received this information,he immediately fixed this problem and by now the link is of no use.He must be grateful to the security expert because nowadays hackers are targeting official government websites around the world.

Source:

Softpedia

http://secday.blogspot.com/