Reflected XSS on Lark Suite
Medium
L
Lark Technologies
Submitted None
Team Summary
Official summary from Lark Technologies
A reflected cross-site scripting (XSS) vulnerability was found at the Lark Suite log-in endpoint via the redirect_uri parameter which could have potentially allowed an attacker to inject malicious code. We thank @jin0ne for reporting this to our team and confirming the resolution.
Actions:
Reported by
jin0ne
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - DOM