RXSS on stores on *█████████/visitorRegistration.pml via destination parameter
Medium
M
Mars
Submitted None
Team Summary
Official summary from Mars
The vulnerability involved a reflected XSS in the destination parameter of the visitorRegistration.pml endpoint across all stores under ██████████. The reporter provided a working proof of concept demonstrating JavaScript execution via URL parameter injection.
Actions:
Reported by
kuriyama
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected