Reflected - XSS

Disclosed: 2024-10-21 10:13:27 By mathara To mtn_group
High
Vulnerability Details
## Summary: Hi, Team I'm Found Reflected XSS ## Steps To Reproduce: 1.Nave to https://www.mtn.bj/ 2.Go to Messages 3. Enter XSS Payload : * <h1 onauxclick=confirm(document.domain)>RIGHT CLICK HERE 4. Reflected the popup ## Impact Cross site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine. Attackers can masquerade as authorized users via session cookies, allowing them to perform any action allowed by the user account.
Actions
View on HackerOne
Report Stats
  • Report ID: 1779447
  • State: Closed
  • Substate: resolved
  • Upvotes: 45
Share this report