https://www.openbugbounty.org/reports/331315/
https://www.openbugbounty.org/reports/328605/
https://www.openbugbounty.org/reports/327430/
These ones, the space is between "<" and "m"; displaying as "< m".
https://www.openbugbounty.org/reports/289761/
This one the space is between "e" and "c"; displaying as "e c".
There are many more in my reports. It seems the space occurs when a new line (\n) is present.
I've accidentally sent these vulnerabilities off with the space included, which makes the vulnerability null and void.
I understand that I'm capable of right clicking and copying the link, but the URL ends up being encoded. I've also accidentally opened the link in a new tab using that method. Google Chrome automatically blocks the XSS vulnerability with the XSS Auditor, but it gets reported to Google, which I'm not okay with.
If it'd be possible to display the vulnerable URL in a textarea for just us researchers for simple copy & paste, I feel would benefit us all. Also I think it would make it easier on us all, as you can just go into the textarea, do a ctrl+a, ctrl+c, and ctrl+v into the e-mail. Instead of having to select the URL or right click, copy the link (possibly open in a new tab accidentally) and go about your business.
I believe with this simple change it could save numerous mouse clicks and make it more efficient for us all. As there are 3,850 members and if we all right click, copy link, and paste into an e-mail, it takes about 8 seconds to do that motion (not including accidentally opening a new tab). With that in mind, we're spending a collective 30,800 seconds (~9 hours) copying one report's URL. While a textarea, we'd be able to hit the textarea with our mouse, do a ctrl+a and ctrl+c, this would trim about 3 seconds off of that and save us an average of 11,551 seconds (~3 hours) - collectively. Which is more time for us to hunt for vulnerabilities
.Hopefully I'm not the only one having this issue
!If it can't be implemented due to lack of others wanting it or not having this issue, I understand and I'll publish a userscript for those of us whom are having this issue. Thank you!!!
