Reflected XSS on ssl-ccstatic.highwebmedia.com via player.swf

Disclosed: 2018-09-19 23:35:21 By nahamsec To chaturbate

Medium

Vulnerability Details

Hey there, There's a SWF based XSS on ssl-ccstatic.highwebmedia.com. You may want to update/remove the file. #POC https://ssl-ccstatic.highwebmedia.com/jwplayer/player.swf?playerready=alert(document.domain) Thanks, Ben ## Impact #

Actions

View on HackerOne

Report Stats

Report ID: 386340
State: Closed
Substate: resolved
Upvotes: 7

Reflected XSS on ssl-ccstatic.highwebmedia.com via player.swf

Vulnerability Details

Actions

Report Stats

Share this report