XSS in gist integration
Unknown
Vulnerability Details
1. Create a gist called:
"><svg onload=alert(1)>
2. have gist integration enabled and put a link in a slack chat
3. Visit the 'raw' or 'new window' pages for this gist, for example: https://outpost.slack.com/files/zemnmez/F029MDY33/___svg_onload_alert_1__
Actions
View on HackerOneReport Stats
- Report ID: 11073
- State: Closed
- Substate: resolved
- Upvotes: 154