Reflected XSS on https://apps.topcoder.com/wiki/plugins/socialbookmarking/updatebookmark.action
Medium
Vulnerability Details
## Summary:
Hi :) A reflected XSS occurs when creating bookmarks.
## Steps To Reproduce:
A user can create bookmarks on https://apps.topcoder.com/wiki/plugins/socialbookmarking/updatebookmark.action. In this URL, the `redirect` and `url` parameters are vulnerable to XSS.
PoC:
`https://apps.topcoder.com/wiki/plugins/socialbookmarking/updatebookmark.action?url=Asd"><img src=X onerror=alert(document.domain)>&redirect=Asd"><img src=X onerror=alert(document.cookie)>`
## Impact
XSS can be used to steal cookies or to run arbitrary script in the victim's browser.
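Added example, not the plugin's own code: a constructed stand-in for the bookmark form that reflects `url` and `redirect` into attribute values the way the report describes, beside the attribute-encoded fix and a parser-based check that flags a response in which reflected input has broken out of its attribute. The form markup, the `is_safe_redirect` helper and the tag names are assumptions.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed stand-in for the bookmark form, not the plugin's real source:
# the `url` and `redirect` request parameters land inside attribute values.
TEMPLATE = (
    '<form action="updatebookmark.action" method="post">'
    '<input type="hidden" name="redirect" value="{redirect}">'
    '<input type="text" name="url" value="{url}">'
    '</form>'
)

def render_vulnerable(url: str, redirect: str) -> str:
    """Reflects both parameters verbatim: a `"` in either one closes the
    attribute value and everything after it is parsed as new markup."""
    return TEMPLATE.format(url=url, redirect=redirect)

def render_fixed(url: str, redirect: str) -> str:
    """Attribute-encodes both parameters; quote=True also escapes `"`,
    so injected text stays inside the attribute value."""
    return TEMPLATE.format(url=html.escape(url, quote=True),
                           redirect=html.escape(redirect, quote=True))

def is_safe_redirect(redirect: str) -> bool:
    """Extra hardening for `redirect` (assumed policy): accept only a
    site-relative path, so the parameter cannot send the browser off-site."""
    parsed = urlparse(redirect)
    return (parsed.scheme == "" and parsed.netloc == ""
            and redirect.startswith("/") and not redirect.startswith("//"))

class _TagCollector(HTMLParser):
    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []

    def handle_starttag(self, tag: str, attrs) -> None:
        self.tags.append(tag)

def injected_tags(page: str) -> list[str]:
    """Detection check for a response: parse it and return any start tags
    that are not part of the form itself. An empty list means the
    reflected input did not break out of its attribute."""
    parser = _TagCollector()
    parser.feed(page)
    return [t for t in parser.tags if t not in ("form", "input")]
```

Run `injected_tags` over the real response to the PoC URL before and after a fix; the vulnerable rendering yields an `img` tag per injected parameter, the encoded one yields none.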
Report Stats
- Report ID: 866829
- State: Closed
- Substate: resolved
- Upvotes: 3