XSS Vulnerable website
Posted: Tue Jun 01, 2021 2:00 pm
Respected officials this website http://www.maiyas.in/search/ is vulnerable to Cross-Site Scripting vulnerability wherein a hacker can easily deface the website.
A picture of proof is also attached below
Steps to reproduce
1)Go to the website http://www.maiyas.in/search/
2)In the search bar in the top right corner we put the payload as follows
"/><script>alert(123)</script>
3)When we type the payload and hit enter we get a pop reflecting the payload
4)This is how we reproduce it
A picture of proof is also attached below
Steps to reproduce
1)Go to the website http://www.maiyas.in/search/
2)In the search bar in the top right corner we put the payload as follows
"/><script>alert(123)</script>
3)When we type the payload and hit enter we get a pop reflecting the payload
4)This is how we reproduce it