Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

#3 XSS on watchdocs.indriverapp.com

Low
I
inDrive
Submitted None

Team Summary

Official summary from inDrive

And subscribe to our telegram channel with updates https://t.me/indrive_bbp

Actions:
View on HackerOne
Reported by maxdha

Vulnerability Details

Technical details and impact analysis

Cross-site Scripting (XSS) - Reflected
## Summary: Found an XSS ## Steps To Reproduce: 1. Go to https://watchdocs.indriverapp.com/webview/v1/transport-change?phone=██████&token=█████████&service=intercity3&jwt=fw%22%3E%3Cimg%20src=fwa%20onerror=alert(1)%3E ## Supporting Material/References: ████ ## Impact Execute Javascript on any victim browser

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Submitted

Weakness

Cross-site Scripting (XSS) - Reflected