14 DAY TRIAL // Vansh and Vaibhuv, two Indian hackers proved an XSS vulnerability many were talking about on underground forums. They showed that AOL Energy's website, responsible for providing news, analysis and discussions in the electricity sector, presents a serious XSS vulnerability.
The Hacker News revealed that the non-persistent Cross-Site Scripting weakness was claimed by others also, but they got word on it from the Indian duo.
This type of vulnerability, typically found in web applications, can enable an attacker to inject malicious codes into the pages viewed by users. It can also be utilized to bypass access controls, being one of the most common flaws exploited by hackers.
In this situation, we are faced with another somewhat popular website that could be easily used by cybercriminals to serve malware.