MOSEB-22: Vulnerability at

20:43 23.06.2007

Next participant of the project is AOL Search engine. It is one of the popular search engines (in USA).

The vulnerability is at AOL Search ( in Recent Search History. This Cross-Site Scripting hole I found 24.05.2007 (and it is similar to second hole in MOSEB-19 Bonus: Vulnerabilities at


The vulnerability is in a parameter:

Moral: engines’ recent search history can be dangerous.

Note, that AOL engine use Google search engine. So Google also responsible for this vulnerability.


Also I prepared others holes at AOL Search. So wait for today’s bonus post ;-) .

Leave a Reply

You must be logged in to post a comment.