XSS via password recovery
Unknown
Vulnerability Details
I found that XSS can be executed if we provide an XSS payload as the password in Uber during password recovery.
Steps to follow:
1) Go to https://login.uber.com/forgot-password
2) Enter email and submit
3) Open the recovery link you got
4) Enter <script>alert(document.domain);</script> in the Set password field and submit it
5) Click Show password
XSS Executed.
Video and screenshot added
Report Stats
- Report ID: 131123
- State: Closed
- Substate: informative
- Upvotes: 4
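Two ways a "Show password" control can reveal the typed value, as an added example that is not part of the report or of Uber's code: the vulnerable pattern (the raw password copied into markup) beside two safe ones. The field object, the function names and the Node-only model with no real DOM are assumptions; the payload is the one quoted in step 4.

```javascript
// Added example, not code from the report or from Uber. It models a password
// field and a "Show password" control without a browser DOM so it runs under Node.
// Constructed payload: the string quoted in step 4 of the report.
const PAYLOAD = "<script>alert(document.domain);</script>";

// Minimal stand-in for an <input type="password"> (assumption for this demo).
function makePasswordField(value) {
  return { type: "password", value, revealHtml: "" };
}

// Vulnerable pattern: the control copies the raw password into markup, so a
// password containing HTML or script becomes part of the page when shown.
function showPasswordUnsafe(field) {
  field.revealHtml = '<span class="pw">' + field.value + "</span>";
  return field.revealHtml;
}

// Safe pattern 1: never write the value into markup at all; flipping the
// input's type lets the browser render the characters as plain text.
function showPasswordByType(field) {
  field.type = "text";
  return field.type;
}

// Safe pattern 2: if the value must be written into markup, escape the
// HTML-significant characters first.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

function showPasswordEscaped(field) {
  field.revealHtml = '<span class="pw">' + escapeHtml(field.value) + "</span>";
  return field.revealHtml;
}

// Check used by the demo: did a <script tag survive into the rendered markup?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Runs all three controls on the same payload and reports the outcome of each.
function demo() {
  return {
    unsafe: containsScriptTag(showPasswordUnsafe(makePasswordField(PAYLOAD))),   // true
    byType: showPasswordByType(makePasswordField(PAYLOAD)),                      // "text"
    escaped: containsScriptTag(showPasswordEscaped(makePasswordField(PAYLOAD))), // false
  };
}
```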