http://securityaffairs.co/wordpress/wp-content/uploads/2015/06/forbes-2-726x400.png
The security expert Rafael Fontes Souza has discovered vulnerabilities in the website of Forbes and decided to disclose them for educational purpose.
Let me introduce myself, I’m a Brazilian Security Information Consultant, you can contact me searching on LinkedIn Rafael Fontes Souza. First I found vulnerabilities in the website of Forbes, and was thinking about how to do it ethically, in that case was applied HTMLi (HTML Injection), sent message to my brother Muhammad Shahzad(Youngest Ethical Hacker from Pakistan) for we explore more attack vectors and to report correctly, but unfortunately it is not easy to contact the vendor.
Now, I am going to explain some concepts of the attack in summary:
Full Article