Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

#1 XSS on watchdocs.indriverapp.com

Low
I
inDrive
Submitted None

Team Summary

Official summary from inDrive

And subscribe to our telegram channel with updates https://t.me/indrive_bbp

Actions:
View on HackerOne
Reported by maxdha

Vulnerability Details

Technical details and impact analysis

Cross-site Scripting (XSS) - Reflected
## Summary: XSS on watchdocs.indriverapp.com ## Steps To Reproduce: 1. Go to https://watchdocs.indriverapp.com/webview/v1/refresh-jwt?redirect=%22%3E%3Cimg%20src=faw%20onerror=alert(1)%3E 2. An alert window will popup {F2401964} ## Impact Allow executing js code on users browsers

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Cross-site Scripting (XSS) - Reflected