Stored xss

Disclosed: 2016-08-03 14:55:35 By sysecure To algolia

Unknown

Vulnerability Details

Hi ,i have found an xss issue here : https://www.algolia.com/explorer#?index=test&tab=ranking Steps to reproduce : 1-Go to : https://www.algolia.com/explorer#?index=test&tab=ranking 2-At the Attributes to index add this script :`"><img src=x onerror=prompt('XSS');> ` and press enter . 3-Click save You will see that the xss has been fired . You can go to https://www.algolia.com/explorer#?index=test&tab=ranking again you will see that xss is fired again . Thanks , Saleh

Actions

View on HackerOne

Report Stats

Report ID: 149154
State: Closed
Substate: resolved
Upvotes: 41

Stored xss

Vulnerability Details

Actions

Report Stats

Share this report