How I Found My First Bug Reflected Xss On PIA.GOV.PH(Philippine Information Agency)

Hi guys ,This is Neil Harvey Miñano a Newbie security researcher from Philippine.This is my 1st write-up and also I am not good at XSS so forgive all mistakes.It was 04/20/2021 and my 1st day of bug hunting.I’m still newbie!Today I am gonna to Share a Reflected Xss vulnerability what was reported by me to pia.gov.ph in their response in OpenBugBounty Program.So as usual i was checking the vulnerability of the site then while im checking i go to the news page and i found some search bar then i put a xss payload.

So I input a Normal payload :-

‘></title><script>alert(1111)</script>

After execute successfully and got pop-up message that are vulnerable into reflected xss and report it immediately in the site on may 16 2021 and i got this response.

link->https://www.openbugbounty.org/reports/2015345/

Leave a Reply