Open NagliNagli opened 3 years ago
As I'm doing security research during my bug bounty activities, I stumbled upon an issue with a client that uses invisible-recaptcha.
Specifically speaking, the issue is within the "ac" parameter.
As I discovered the vulnerability during my BlackBox approach, I decided to report it in this repo and to see the white box root cause of the matter.
The url of my proof of concept looked like the following:
invisibleRecaptcha?sitekey=XXXXXX&lang=XX&label=XXX&ac=</script><a%20href=javascript:alert(document.domain)>hi</a>
The payload I used was to escape the JavaScript context that the input was injected into and insert my own Cross Site Scripting code.
Hey, I'd like to request you to issue a CVE for this pull request.
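The context escape described in the report, and one way to encode against it, as an added example that is not part of the original issue or the project's code. It assumes the server interpolates `ac` into a string inside an inline `<script>` block (the actual root cause is not shown on this page); the host name and all function names are hypothetical.

```javascript
'use strict';

// Constructed request URL carrying the "ac" value quoted in the report.
// client.example is a placeholder host, not the affected client.
const SAMPLE_URL =
  'https://client.example/invisibleRecaptcha?sitekey=XXXXXX&lang=XX&label=XXX' +
  '&ac=</script><a%20href=javascript:alert(document.domain)>hi</a>';

// Assumed vulnerable pattern: the raw parameter is pasted into a JS string
// literal inside an inline script element. The HTML parser ends the script
// element at the first "</script", before any JavaScript parsing happens,
// so quoting alone does not contain the value.
function renderUnsafe(ac) {
  return `<script>var action = "${ac}";</script>`;
}

// Encode a value as a JS string literal that is safe inside inline <script>:
// JSON.stringify handles quotes, backslashes and control characters; the extra
// replacements remove every character the HTML parser could act on, plus the
// two line separators that older JS engines treat as line terminators.
function toInlineScriptLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

function renderSafe(ac) {
  return `<script>var action = ${toInlineScriptLiteral(ac)};</script>`;
}

// Count script end tags as the HTML tokenizer would see them. A template with
// one inline script must contain exactly one; more means the value broke out.
function countScriptEndTags(html) {
  return (html.match(/<\/script/gi) || []).length;
}

function checkSample() {
  const ac = new URL(SAMPLE_URL).searchParams.get('ac');
  return {
    ac,
    unsafeEndTags: countScriptEndTags(renderUnsafe(ac)), // 2: value closed the script early
    safeEndTags: countScriptEndTags(renderSafe(ac)),     // 1: only the template's own tag
    roundTrip: JSON.parse(toInlineScriptLiteral(ac)) === ac, // value is preserved, not mangled
  };
}

console.log(checkSample());
```

The encoded literal still evaluates to the original string in JavaScript, so the fix changes how the value is transported, not what the page's script receives.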