Reflected XSS on https://█████████html?url
Medium
Vulnerability Details
##Vulnerable Website URL or Application:
https://███████html?url=javascript:alert("nagli")
##Description of Security Issue: (please limit to one site/app per submission)
Reflected XSS due to no input validation
█████████
##Remediation
Sanitize the input on the that parameter
##Best Regards
nagli
## Impact
Executing Javascript on behalf of the victim
Actions
View on HackerOneReport Stats
- Report ID: 1071524
- State: Closed
- Substate: resolved
- Upvotes: 7