Reflected XSS on https://help.glassdoor.com/gd_requestsubmitpage
Medium
G
Glassdoor
Submitted None
Team Summary
Official summary from Glassdoor
The endpoint at help.glassdoor.com/gd_requestsubmitpage suffers from a Cross-Site Scripting vulnerability via the lang parameter. Thanks, @0x7 for finding and reporting this to us. Looking forward to more reports from you.
Actions:
Reported by
0x7
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected