Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

XSS on terra-6.indriverapp.com

Medium
I
inDrive
Submitted None

Team Summary

Official summary from inDrive

A Cross-Site Scripting(XSS) vulnerability was discovered in the **paymentProviderOffset** parameter on the terra-6.indriverapp.com domain. Also subscribe to our telegram channel with updates https://t.me/indrive_bbp.

Actions:
View on HackerOne
Reported by maxdha

Vulnerability Details

Technical details and impact analysis

Cross-site Scripting (XSS) - Reflected
I've found an XSS on terra-6.indriverapp.com ## Steps To Reproduce: 1. Go to ██████ An alert window will popup. ## Supporting Material/References: ███████ ## Impact Executing javascript code on users browsers.

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Cross-site Scripting (XSS) - Reflected