xss in link items (mopub.com)
Unknown
Vulnerability Details
Hi,
1)go link items and select text,tile
2)enter image and give click url as javascript://%0a%0dalert(document.cookie)
3)xss pop's up
it is not a self xss because admin can invite many people to his inventory and there sessions can be hijacked.
regards
prashanth
dups team :)
Actions
View on HackerOneReport Stats
- Report ID: 100931
- State: Closed
- Substate: resolved
- Upvotes: 13