5,000 USD XSS Issue at Avast Desktop AntiVirus for Windows (Yes, De... CVE-2019-18653 & CVE-2019-18654: The story when Reflected XSS was triggering from SSID Name (It also affected AVG AntiVirus since basically

II. Behind the Scene about How I got this Issue


A few years ago, I read a nice article by a bug hunter who found a lot of XSS issues at big-name companies by putting an XSS payload in his SSID name (I really lost that bookmark because of one thing). In short, while he was surfing through many apps, he found that many of them reflected the value of his SSID name (and the XSS was triggered). From then on, I started to use an XSS payload as my SSID name (on my OS X).


So, a few months ago, I got a notebook (with Windows on it) from the office that I work for. I installed everything that I needed over a tethering connection and left Avast AntiVirus for last (at home). At home, I continued the installation and everything went fine.


Until one day I used this notebook again for training purposes. In the middle of the training (day 3 or day 4), I had an issue with the connection in use. So, suddenly this notebook connected to my tethering connection automatically (with Avast already installed), and within a few seconds, a popup alert with “https://local.avast.com” appeared on my desktop.