Reflected XSS on m.olx.co.id via ad_type parameter

I have identified a Reflected Cross Site Scripting (XSS) vulnerability on the m.olx.co.id website. Vulnerable URL: https://m.olx.co.id/iklan/zundapp-1962-cafe-racer-250-cc-made-in-germany-IDA3GpU.html?ad_type=PL"><svg/onload=alert("XSS")><" Vulnerable Parameter: ad_type XSS Payload: PL"><svg/onload=alert("XSS")><" Steps to replicate is fairly simple. Just access the URL and the JavaScript gets reflected in response and gets executed on the browser. The Popup screenshot attached. Note: This seems similar to my other report: https://hackerone.com/reports/633751 just that the domain is different (m.olx.co.id). Let me know if any further help is required from my side. ## Impact 1. Redirect user to malicious website like phishing website etc. 2. Rewrite the content of the current HTML page which can result in Brand Abuse.