[█████████] Reflected Cross-Site Scripting Vulnerability
Medium
U
U.S. Dept Of Defense
Submitted None
Actions:
Reported by
celesian
Vulnerability Details
Technical details and impact analysis
**Description:**
A reflected cross-site vulnerability was found at `███████/██████`.
## References
## Impact
XSS is a versatile attack vector which opens the door to a large number of social-engineering and client-side attacks
## System Host(s)
██████
## Affected Product(s) and Version(s)
## CVE Numbers
## Steps to Reproduce
1. Open the following URL
```
https://████████/████████████href=%22j%0A%0Davascript:confirm(1)%22%20/%3E%3Ch1%3ECLICK%20ME%3C/h1%3E%3C/a%3E
```
2. Click the text written "CLICK ME" on the right side of the page
3. Get an alert box, confirming XSS.
## Suggested Mitigation/Remediation Actions
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected