Stored Cross site scripting
Unknown
Vulnerability Details
hello zomato team,
i have found a stored xss on https://www.zomato.com/beirut/garcias-dbayeh-metn
step to reproduce
--------------------------
1- write a review by this payload : >'>"><img src=x onmouseover =prompt(document.domain)>
2-click edit
3- xss will excute :)
video : https://youtu.be/ibawEBPQs3g
best regaeds,
Amir Ezat.
Actions
View on HackerOneReport Stats
- Report ID: 145246
- State: Closed
- Substate: duplicate
- Upvotes: 8