DOM-based Cross-Site Scripting in redirect url checkout
Medium
R
RBKmoney
Submitted None
Team Summary
Official summary from RBKmoney
The application was exposed to the XSS vulnerability. The code was injected through the "javascript:" URL schema. If the invoice was successfully paid, the code was executed.
Actions:
Reported by
spipm
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - DOM