[█████████] Reflected Cross-Site Scripting Vulnerability

Disclosed: 2021-06-30 20:38:22 By celesian To deptofdefense
Medium
Vulnerability Details
**Description:** A reflected cross-site vulnerability was found at `███████/██████`.

## References

## Impact

XSS is a versatile attack vector which opens the door to a large number of social-engineering and client-side attacks

## System Host(s)

██████

## Affected Product(s) and Version(s)

## CVE Numbers

## Steps to Reproduce

1. Open the following URL

```
https://████████/████████████href=%22j%0A%0Davascript:confirm(1)%22%20/%3E%3Ch1%3ECLICK%20ME%3C/h1%3E%3C/a%3E
```

2. Click the text written "CLICK ME" on the right side of the page
3. Get an alert box, confirming XSS.

## Suggested Mitigation/Remediation Actions
Report Stats
  • Report ID: 1196989
  • State: Closed
  • Substate: resolved
  • Upvotes: 6
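
The `%0A%0D` inside `j%0A%0Davascript:` in the reproduction URL matters because browsers drop tab, LF and CR while parsing a URL, so a filter that searches for the literal `javascript:` string never sees it. The following is an added example, not code from the report or the affected application, contrasting such a filter with a scheme allowlist plus output encoding. It assumes the reflected value reaches an anchor's `href`; `naiveIsSafeHref`, `isSafeHref`, `escapeHtml` and `renderLink` are hypothetical names.

```javascript
// Added example; names and sample values are constructed, not from the report.
const SAFE_SCHEMES = new Set(["http:", "https:", "mailto:"]);

// Weak form: a denylist that searches for the literal scheme string.
function naiveIsSafeHref(value) {
  return !value.toLowerCase().includes("javascript:");
}

// Hardened form: parse as a browser would (the WHATWG URL parser drops
// ASCII tab, LF and CR before reading the scheme), then allowlist the scheme.
function isSafeHref(value, base = "https://example.invalid/") {
  try {
    return SAFE_SCHEMES.has(new URL(value, base).protocol);
  } catch {
    return false; // unparseable input is rejected
  }
}

// Encode for an HTML attribute or text context so reflected input stays data.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Render a link from an untrusted href and label.
function renderLink(href, label) {
  const target = isSafeHref(href) ? href : "#";
  return `<a href="${escapeHtml(target)}">${escapeHtml(label)}</a>`;
}

// The scheme portion of the report's URL, percent-decoded.
const reported = decodeURIComponent("j%0A%0Davascript:confirm(1)");
console.log(naiveIsSafeHref(reported)); // denylist accepts the value
console.log(isSafeHref(reported));      // allowlist rejects it
console.log(renderLink(reported, "<h1>CLICK ME</h1>"));
console.log(renderLink("/help?x=1&y=2", "Help"));
```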