XSS on Videos IA

Failure found in the videos tab. A user was created on a [website] (https://rutube.ru/video/83a4775f020b3fd68efd3dc9a73031e8/) one with the tag `"> <img src = x onerror = alert (1)> `. When we search DuckDuckGo for the video or user tag, we find a xss flaw in [page] (https://duckduckgo.com/?q=%22%2F%3E%22%2F%3E%3Cimg+src%3Dxss+onerror%3Dalert(2)%3E&t=hk&iar=videos&iax=videos&ia=videos&iai=https%3A%2F%2Frutube.ru%2Fvideo%2F83a4775f020b3fd68efd3dc9a73031e8%2F) detail, in the class tag with the name `c-detail__user` {F886397} {F886398} ## Impact Stored XSS, also known as persistent XSS, is the more damaging than non-persistent XSS. It occurs when a malicious script is injected directly into a vulnerable web application.