jaleelsyed / fx-local


XSS_Injection on PUT:/api/v1/bank-account #222

Open jaleelsyed opened 2 years ago

jaleelsyed commented 2 years ago

Title: XSS_Injection Vulnerability on PUT:/api/v1/bank-account

Project: Netbanking

Description:

Assertion 'XSS' is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites.

Risk: XSS_Injection

Severity: Medium

API Endpoint: http://netbanking.apisec.ai:8080/api/v1/bank-account

Environment: Master

Playbook: ApiV1BankAccountPutBodyParamXssInjection

Researcher: Default

QUICK TIPS

Suggestion:

Effort Estimate: 4.0 Hrs

Wire Logs:

IMPORTANT LINKS

Vulnerability Details: https://cloud.apisec.io/#/app/vulnerabilities/projects/402880e782cfa2900182d3aee4120203/dashboard/402880e6837942d501837958ba5f0169/details

Project: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/dashboard

Environment: https://cloud.apisec.io/#/app/config-environments/projects/402880e782cfa2900182d3aee4120203/environmentList

Scan Dashboard: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/profiles/402880e782cfa2900182d3af11470382/runs/402880e6837942d5018379588d5c0133

Playbook: https://cloud.apisec.io/#/app/projects/402880e782cfa2900182d3aee4120203/playbooks/ApiV1BankAccountPutBodyParamXssInjection

Coverage: https://cloud.apisec.io/#/app/config-categories/projects/402880e782cfa2900182d3aee4120203/categories

Code Sample: https://cloud.apisec.io/#/app/vulnerabilities/projects/402880e782cfa2900182d3aee4120203/dashboard/402880e6837942d501837958ba5f0169/codesamples

PS: Please contact support@apisec.ai for apisec access and login issues.

--- apisec Bot ---