xss in https://www.uber.com
Unknown
Vulnerability Details
Hey,
this vulnerability is essentially the same as bug 145276, i'm reporting it again just in case.
there's a cross site scripting vulnerability in https://www.uber.com/.
steps to reproduce:
1.visit https://www.uber.com/?kxsrc=https%3A//beacon.krxd.net/optout_check%3Fcallback%3Dalert%28/XSSED/.source%29
2. wait until the page finishes loading
3.see the xss alert.
wonder it would be eligible for a bounty?
Cheers,
Mario
Actions
View on HackerOneReport Stats
- Report ID: 145278
- State: Closed
- Substate: resolved
- Upvotes: 64