Stored XSS
Unknown
Vulnerability Details
Hi,
Go to this URL https://sehacure.slack.com/account/preferences?updated_highlight_words=1
and in the highlight words option please fill the XSS vector as
</textarea><script>prompt(document.cookie);</script>
Your cookie will be reflected.
Best regards,
Anand
Actions
View on HackerOneReport Stats
- Report ID: 2926
- State: Closed
- Substate: resolved
- Upvotes: 2