Questions

Questions or requests about submissions
Post Reply
G0M4n
Posts:3
Joined:Fri Nov 16, 2018 8:41 pm
Questions

Post by G0M4n » Wed Dec 19, 2018 11:27 am

1° i have the report 699380 that is stucked in pending sub from a month, maybe is not a duplicate?

2° I think if we are able to spawn an xss, the position and the way in which we obtain the vulnerability is not very important.
so I'm wondering why to reject xss over sql errors:
sure if there was not the sqli there would be no xss in thew same way, but if there was not html injection probably there would no be xss. the correct sanitization is however lacking in the web application.
So why refuse them?
Top
User avatar
x1admin
Site Admin
Posts:3102
Joined:Sun Nov 15, 2015 7:04 pm

Re: Questions

Post by x1admin » Fri Dec 21, 2018 7:02 am

we already have reports fot this vulnerability https://www.openbugbounty.org/reports/685264/
Top
Post Reply

Return to “Submissions Discussion”

Who is online

Users browsing this forum: No registered users and 2 guests