Reflected XSS on https://www.glassdoor.com/parts/header.htm
Medium
G
Glassdoor
Submitted None
Team Summary
Official summary from Glassdoor
Reflected XSS was reported on https://www.glassdoor.com/parts/header.htm via the nonce parameter. Thanks, @0x7 for reporting the finding and also reporting additional endpoints affected by this - added a bonus for reporting those additional endpoints and also for your collaboration with us in the discussion.
Actions:
Reported by
0x7
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected