Title: XSS_Injection Vulnerability on POST:/api/v1/users/personal-sign-up
Project: Netbanking
Description:
Assertion
'XSS' is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.
Risk: XSS_Injection
Severity: Medium
API Endpoint: http://netbanking.apisec.ai:8080/api/v1/users/personal-sign-up
Environment: Master
Playbook: ApiV1UsersPersonalSignUpPostBodyParamXssInjection
Researcher: Default
QUICK TIPS
Suggestion:
Effort Estimate: 4.0 Hrs
Wire Logs:
IMPORTANT LINKS
Vulnerability Details: https://cloud.apisec.io/#/app/vulnerabilities/projects/402880e782cfa2900182d3aee4120203/dashboard/402880e6837942d501837958b70b0157/details
Project: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/dashboard
Environment: https://cloud.apisec.io/#/app/config-environments/projects/402880e782cfa2900182d3aee4120203/environmentList
Scan Dashboard: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/profiles/402880e782cfa2900182d3af11470382/runs/402880e6837942d5018379588d5c0133
Playbook: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/playbooks/ApiV1UsersPersonalSignUpPostBodyParamXssInjection
Coverage: https://cloud.apisec.io/#/app/config-categories/projects/402880e782cfa2900182d3aee4120203/categories
Code Sample: https://cloud.apisec.io/#/app/vulnerabilities/projects/402880e782cfa2900182d3aee4120203/dashboard/402880e6837942d501837958b70b0157/codesamples
PS: Please contact support@apisec.ai for apisec access and login issues.
--- apisec Bot ---