Store XSS
High
Vulnerability Details
Hello Team.
I found a Store XSS. Where the company name is the vulnerable to XSS. If you give this below XSS script as Company name, you will get the XSS pop up after the login in message option where it'll randomly generated at the message room.
“><IMG SRC=x onerror=javascript:alert("XSS-by-Imran")>
Here is the POC:
https://youtu.be/dqrH2WhIgtk
Thanks
Actions
View on HackerOneReport Stats
- Report ID: 187410
- State: Closed
- Substate: resolved
- Upvotes: 43