Google Authenticator - Cross Site Scripting

Disclosed: 2016-10-11 17:21:56 By iamsha4yan To iandunn-projects

Unknown

Vulnerability Details

Hello #Vulnerable File: : `/views/token-prompt.php` #Vulnerable Link : `15` `<input type="hidden" name="gapup_login_nonce" value="<?php echo esc_attr( $_REQUEST['gapup_login_nonce'] ) ?>" />` # Vulnerable Code: `<?php echo esc_attr( $_REQUEST['gapup_login_nonce'] ) ?>` Good Luck/

Actions

View on HackerOne

Report Stats

Report ID: 172606
State: Closed
Substate: not-applicable
Upvotes: 1

Google Authenticator - Cross Site Scripting

Vulnerability Details

Actions

Report Stats

Share this report