XSS on Report Classic

Disclosed: 2017-11-03 14:14:00 By nihadrekanym To infogram
Unknown
Vulnerability Details
hi team ... i found XSS on https://infogram.com/app/#/library #step .. 1- go to https://infogram.com/app/#/library 2- choose __Report Templates__ . 3- Use __Report Classic__ 4- click to __edit_data__ 5- payload > <img/ src=1 onerror= alert(document.cookie)> //#"><svg/onload=prompt(1)> “><script>alert(document.cookie)</script> 6-execute XSS and which you edit data XSS stared
Actions
View on HackerOne
Report Stats
  • Report ID: 282535
  • State: Closed
  • Substate: resolved
  • Upvotes: 5
Share this report