Submissions Requiring Manual Approval

Posted: Thu Jan 07, 2016 8:55 am
by Spam404Online
Hey,

I just submitted XSS vulnerabilities for the following domains; it seems they need manual approval, so it would be great if you could -
bit.do
acer.su
toptenreviews.com
siemens.sk
blackanddecker.com
epson-europe.com
lexmark.com (x2)
adobe.com
wmo.int

Thanks in advance! :)

Re: Submissions Requiring Manual Approval

Posted: Thu Jan 07, 2016 12:58 pm
by x1admin
Only JS redirects to data can be approved as XSS.

Re: Submissions Requiring Manual Approval

Posted: Thu Jan 07, 2016 1:38 pm
by Spam404Online
x1admin wrote: Only JS redirects to data can be approved as XSS.
Oh I see, I don't think I get the concept about them yet, sorry :D

How do you verify if it's a js one? Would appreciate any guidance here so I can only submit the correct ones in the future :)

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 5:36 am
by x1admin
Now we don't accept redirect to data as XSS, because this XSS doesn't work in all browsers.

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 5:13 pm
by ret2libc
x1admin wrote: Now we don't accept redirect to data as XSS, because this XSS doesn't work in all browsers.
This logic is ridiculous. 90% of XSS aren't working in Chrome.

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 8:52 pm
by Lewis
ret2libc wrote:
x1admin wrote: Now we don't accept redirect to data as XSS, because this XSS doesn't work in all browsers.
This logic is ridiculous. 90% of XSS aren't working in Chrome.
Agreed, I think the logic to disallow redirects to base64-encoded payloads is purely the wrong choice; you don't see bug bounty programs counting it out of scope?

If it can be used maliciously it should be classed as a vulnerability; surely?

Firefox is still one of the top 3 browsers worldwide so why disallow a vuln that utilizes its features?

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 9:28 pm
by x1admin
We accept these vulnerabilities as open redirect.

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 10:01 pm
by ret2libc
x1admin wrote: We accept these vulnerabilities as open redirect.
Well, this makes some more sense since the JavaScript isn't executing in the context of the vuln domain... but still, owasp.org would disagree with you on this :)

Re: Submissions Requiring Manual Approval

Posted: Sat Jan 09, 2016 11:33 pm
by ret2libc
You can still have something being vuln to open redirect while disallowing redirection to a data: URI with inputs.
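Added example, not written by any poster in this thread: a redirect-target validator in Python that illustrates the distinction ret2libc draws above. An application can be checked for open redirect separately from the "redirect to data:" case, because a sound validator refuses both: it accepts only site-local paths or allow-listed http(s) hosts, so data: and javascript: targets never reach a Location header or a JS redirect, whatever a particular browser would do with them. The allow-listed hosts and the sample inputs are constructed for the example.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this example: hosts the application may redirect to.
ALLOWED_HOSTS = {"example.com", "www.example.com"}

# Only web schemes may be redirected to. data: and javascript: are deliberately
# absent: a redirect into a data: URI makes the browser render attacker-supplied
# HTML/JS (the "redirect to data" case discussed in the thread), so it is refused
# here regardless of whether any given browser would execute it.
ALLOWED_SCHEMES = {"http", "https"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only for a site-local absolute path ("/account") or an absolute
    http(s) URL whose host is on the allow-list. Everything else is refused."""
    if not target:
        return False
    # Browsers tolerate control characters and whitespace inside a URL
    # ("java\tscript:", leading newlines); refuse anything non-printable.
    if any(ord(ch) < 0x21 or ord(ch) == 0x7F for ch in target):
        return False
    # Browsers normalise "\" to "/", so "/\evil.example.net" becomes the
    # protocol-relative "//evil.example.net". Refuse backslashes outright.
    if "\\" in target:
        return False

    parts = urlsplit(target)

    # Case 1: relative path on this site. It must start with exactly one "/",
    # because "//host/path" is a protocol-relative URL to another host.
    if parts.scheme == "" and parts.netloc == "":
        return target.startswith("/") and not target.startswith("//")

    # Case 2: absolute URL. The scheme must be http(s) and the host allow-listed.
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False
    if "@" in parts.netloc:
        # "https://example.com@evil.example.net/" puts the allow-listed name in the
        # userinfo part; refuse userinfo rather than trying to reason about it.
        return False
    # .hostname is lower-cased and has the port stripped; add a port check if
    # your policy needs one.
    return parts.hostname is not None and parts.hostname in allowed_hosts


def safe_redirect_target(target: str, fallback: str = "/") -> str:
    """Choose the redirect to emit: the requested target if it validates, else the fallback."""
    return target if is_safe_redirect(target) else fallback


if __name__ == "__main__":
    # Constructed sample "next=" values a login handler might receive.
    samples = [
        "/account",
        "https://www.example.com/home",
        "https://evil.example.net/",
        "//evil.example.net/",
        "/\\evil.example.net",
        "data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==",
        "javascript:alert(1)",
        "https://example.com@evil.example.net/",
    ]
    for s in samples:
        print(f"{s!r:65} -> {safe_redirect_target(s)!r}")
```

The two cases are kept separate on purpose: a site that routes every redirect through `safe_redirect_target` is not open-redirect vulnerable and also cannot be made to emit a data: target, while a site that only blocks the data: scheme but still forwards to arbitrary hosts is exactly the "open redirect without data:" situation described in the post above.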