Stored XSS
Unknown
Vulnerability Details
Hey!!
Steps to reproduce :
1) while making account add xss payload in username like : "><img src=a onerror=prompt(1);>
2) login using this .
3) Go to settings tab (http://www.localize.io/pages/settings)
4) XSS ll get executed .
Attached PoC .
Daksh
Actions
View on HackerOneReport Stats
- Report ID: 7873
- State: Closed
- Substate: resolved
- Upvotes: 1