Persistent XSS in share button
Medium
I
Infogram
Submitted None
Team Summary
Official summary from Infogram
Persistent XSS in "Share" button was found: 1. In custom link field for "Share" button add: `"><svg/onload=confirm(document.domain)>`. 2. Share the infographic publicly, navigate to its public URL and click the "Share" button. 3. See that pop-up window activates.
Actions:
Reported by
muon4
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Stored