Reflected Xss
Medium
Vulnerability Details
>>hello security team i found reflected XSS in this subdomain https://███
POC:-
1-go in subdomain
2-go here
https://███████/en/embeddedAuthRedirect.html?auth=javascript:alert("xElkomy")
3-Done
Image:-
███████
#xElkomy
## Impact
reflected cross-site scripting (XSS) operation with JavaScript, which runs in the client context. i can put malicious code in URL
Actions
View on HackerOneReport Stats
- Report ID: 758854
- State: Closed
- Substate: resolved
- Upvotes: 28