Report a Vulnerability
Submit, help fixing, get kudos.
Start a Bug Bounty
Run your bounty program for free.
738,607 coordinated disclosures
436,149 fixed vulnerabilities
1145 bug bounties with 2,196 websites
20,579 researchers, 1255 honor badges

Are you sure you want to delete the vulnerability?

Yes No

This feature enables you to send additional notifications to the website owners or admins after the vulnerability is submitted. The total number of additional notification is limited to 10, and to 1 in 24 hours.

Notify specific security contact:


To my best knowledge this email belongs to the website owner/admin


help.lsnav80.lsretail.com Cross Site Scripting Vulnerability.
Report ID: OBB-1338861

Security Researcher devl00p Helped patch 26704 vulnerabilities
Received 11 Coordinated Disclosure badges
Received 28 recommendations
, a holder of 11 badges for responsible and coordinated disclosure, found a Cross Site Scripting security vulnerability affecting help.lsnav80.lsretail.com website and its users.

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:

      a. verified the vulnerability and confirmed its existence;
      b. notified the website operator about its existence.

Affected Website:help.lsnav80.lsretail.com  
Open Bug Bounty Program:Create your bounty program now. It's open and free.
Vulnerable Application:Custom Code
Vulnerability Type:XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Disclosure Standard:Coordinated Disclosure based on ISO 29147 guidelines
Discovered and Reported by:devl00p Helped patch 26704 vulnerabilities
Received 11 Coordinated Disclosure badges
Received 28 recommendations
Remediation Guide:OWASP XSS Prevention Cheat Sheet
Export Vulnerability Data:Bugzilla Vulnerability Data
JIRA Vulnerability Data [ Configuration ]
Mantis Vulnerability Data
Splunk Vulnerability Data
XML Vulnerability Data [ XSD ]

Vulnerable URL:

HTTP POST data: