Cross Site Scripting (Reflected) on https://www.acronis.cz/

Disclosed: 2021-11-17 10:00:49 By darkdream To acronis

Low

Vulnerability Details

Summary You can post javascript and html code in form fields steps : 1-go to vulnerability link : https://www.acronis.cz/poptavka-acronis/ 2- enter this javascript code "><script>alert(1);</script> in form field for xss and enter <a+href="https://bing.com">Test</a> for html injection. ## Impact Impact 1- Cookie stealing 2- Pishing attacks 3- URL redirection

Actions

View on HackerOne

Report Stats

Report ID: 1084156
State: Closed
Substate: resolved
Upvotes: 26

Cross Site Scripting (Reflected) on https://www.acronis.cz/

Vulnerability Details

Actions

Report Stats

Share this report