Open Bug Bounty Community Forum

Hello Team,

Can you please re-check the submissions of :

1-alchemy.net

2-gps-hrn.org

rejection reason is "Can't reproduce vulnerability" from my side i can execute the XSS.

Regards,

Rashed

0man_X_HaCker wrote: ↑

Sat Mar 10, 2018 2:09 am

Hello Team,

Can you please re-check the submissions of :

1-alchemy.net

2-gps-hrn.org

rejection reason is "Can't reproduce vulnerability" from my side i can execute the XSS.

Regards,

Rashed

approved

Hello Team,

I sent a lot of submissions, the most of them you can reproduce and they were rejected, I do not understand.
May you review, please?

hackingxsolutio wrote: ↑

Thu Mar 15, 2018 6:40 pm

Hello Team,

I sent a lot of submissions, the most of them you can reproduce and they were rejected, I do not understand.
May you review, please?

we can't review w/o id's

Any info on this? Works for me. Maybe its depending on location.
Thanks for feedback
https://www.openbugbounty.org/reports/581155/
https://www.openbugbounty.org/reports/581153/

H00tyMcOwlFace wrote: ↑

Fri Mar 16, 2018 2:05 pm

Any info on this? Works for me. Maybe its depending on location.
Thanks for feedback
https://www.openbugbounty.org/reports/581155/
https://www.openbugbounty.org/reports/581153/

we don't accept sql injections

but its an XSS via sqlinjection ;_;

https://www.openbugbounty.org/reports/761831
has been rejected as not reproducible. But i am able to.
the clear steps are:
go to vulnerable link as given in xss url:
in the email type the payload
as written in report
"><svg/onload=alert(1)@gmail.com

rest enter details normally.
sign up and xss pop up.

How to share poc video or resubmit?

H00tyMcOwlFace wrote: ↑

Mon Mar 26, 2018 1:26 pm

but its an XSS via sqlinjection ;_;

We even dont accept Xss via sql injection.
Try bugheist.com

Report id: 821144
Steps to reproduce XSS vulnerability:
Give <script>alert(3)</script> in search box and not in url. Pop wil appear.