Stored XSS in user name
Unknown
Vulnerability Details
In the previous report I showed XSS in the user name through a cookie; there is another place where this name is shown and the XSS fires.
After sending the auth request, open https://mobilevikings.be/en/account/authorization/overview/ in the account that sent the request and press "Remove authorization" to get another way to fire the XSS payload.
The param x:authorization-to-first-name is properly sanitized, but probably when it goes to the modal window it gets unsanitized.
Report Stats
- Report ID: 47343
- State: Closed
- Substate: informative
- Upvotes: 2
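
The behaviour the report suspects, as an added example that is not part of the original report or the site's code: a value escaped correctly inside the x:authorization-to-first-name attribute is decoded again when script reads it, so a modal built by string concatenation needs its own encoding. The function names, the modal markup and the sample name are assumptions constructed for illustration, and decodeAttr stands in for the browser's attribute parsing.

```javascript
// Server-side step: escape the stored name for use inside an attribute value.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  }[c]));
}

// Stand-in (assumption) for the browser's attribute parsing: script that reads
// an attribute gets the decoded value. Handles only what escapeHtml emits.
function decodeAttr(s) {
  const map = { "&amp;": "&", "&lt;": "<", "&gt;": ">", "&quot;": '"', "&#39;": "'" };
  return s.replace(/&(?:amp|lt|gt|quot|#39);/g, (e) => map[e]);
}

// Hypothetical page markup carrying the name in the attribute from the report.
function renderLink(firstName) {
  return '<a x:authorization-to-first-name="' + escapeHtml(firstName) +
         '">Remove authorization</a>';
}

// What client script sees when it reads that attribute back.
function readNameAttr(markup) {
  const m = /x:authorization-to-first-name="([^"]*)"/.exec(markup);
  return m ? decodeAttr(m[1]) : null;
}

// Unsafe modal builder: concatenates the decoded value straight into HTML.
function modalUnsafe(name) {
  return '<div class="modal">Remove authorization for ' + name + "?</div>";
}

// Safe modal builder: encodes again at the HTML sink. In a browser, assigning
// the name to a text node via textContent achieves the same result.
function modalSafe(name) {
  return '<div class="modal">Remove authorization for ' + escapeHtml(name) + "?</div>";
}

const storedName = "Ann<i>probe</i>"; // constructed sample, harmless markup
const link = renderLink(storedName);
const fromAttr = readNameAttr(link);
console.log(link);                  // attribute holds &lt;i&gt;probe&lt;/i&gt;
console.log(modalUnsafe(fromAttr)); // markup is live again
console.log(modalSafe(fromAttr));   // markup stays text
```

Encoding has to happen at each sink: the attribute escaping protects only the attribute, not the HTML later assembled from its decoded value.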