XSS Via Method injection
None
Vulnerability Details
Hi guys
i found a low risk vuln , when you request a page on gratipay.com with uncommon Method , the server responds with error message .
Invalid Method 'Invalid HTTP method:TTEGETTT
with out escaping chars
so when you inject an html element with method you can trigger an XSS .
Steps to reproduce
- make an http request with a method like this
<img|src='3'|onerror=alert(3)/>
Fix :
you should validate the method value before printing it back in responses
Actions
View on HackerOneReport Stats
- Report ID: 161621
- State: Closed
- Substate: informative
- Upvotes: 3