.wrapper { display:none; } .footer { display:none; } body { -ms-overflow-style: scrollbar; overflow-y: scroll; overscroll-behavior-y: none; } .errorContainer { background-color: #FFF; color: #0F1419; max-width: 600px; margin: 0 auto; padding: 10%; font-family: Helvetica, sans-serif; font-size: 16px; } .errorButton { margin: 3em 0; } .errorButton a { background: #1DA1F2; border-radius: 2.5em; color: white; padding: 1em 2em; text-decoration: none; } .errorButton a:hover, .errorButton a:focus { background: rgb(26, 145, 218); } .errorFooter { color: #657786; font-size: 80%; line-height: 1.5; padding: 1em 0; } .errorFooter a, .errorFooter a:visited { color: #657786; text-decoration: none; padding-right: 1em; } .errorFooter a:hover, .errorFooter a:active { text-decoration: underline; } #placeholder, #react-root { display: none !important; } body { background-color: #FFF !important; }

JavaScript is not available.

We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using openbugbounty.org.

2023 © OpenBugBounty

Infosec Institute

Open Bug Bounty mentioned in the
Top 6 Bug Bounty programs of
2022 by the InfoSec Institute

The Hacker News

Open Bug Bounty named among the
Top 5 Bug Bounty programs of 2021
by The Hacker News

All Open Bug Bounty emails are sent only from openbugbounty.org domain being digitally signed. All others are fake. Learn more.

For Researchers

Report a Vulnerability Report and help remediate a vulnerability found on any website	Write a Blog Post Write a blog post to share your knowledge and get kudos
Browse Bug Bounty Programs Browse active bug bounty programs run by website owners	Ask a Question Ask questions and share your improvement ideas

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

For Owners

Start a Bug Bounty Start your bug bounty program at no cost and leverage crowd-security testing	Ask a Question Ask questions or let us know how to make Open Bug Bounty even better
API Request National CERTs and law enforcement agencies may request our API

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

Hall of Fame

Top Security Researchers They make Web a safer place by reporting and helping remediate vulnerabilities	Acknowledgements Website owners share their experience of collaboration with the researchers

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

About

About the Project Read about Open Bug Bounty history, values and mission	Latest Reports Browse the most recent vulnerability submissions
Contact Us Get in touch

How it Works

Download presentation and learn
how our platform works

PDF, 1MB

Forum
Blog

OpenBugBounty.org > XSS Archive > Coordinated Disclosure Vulnerability

Coordinated Disclosure Vulnerability

This vulnerability was reported via our coordinated disclosure Open Bug Bounty program and patched.

Latest Patched

08.02.2023 moqawmh.ps

07.02.2023 nt.am

05.02.2023 dcfs.louisiana.gov

05.02.2023 asrock.com

05.02.2023 itaxi.ws

05.02.2023 sexchat.ws

05.02.2023 bdap-opendata.mef.gov.it

05.02.2023 mekamebel.mebeli.ws

05.02.2023 spalni-komplekti.mebeli.ws

05.02.2023 altibbi.com

Latest Blog Posts

16.01.2023 by itsvarmakollu
XSS vulnerabilities discovered in ServiceNow - CVE-2022-38463

16.01.2023 by itsvarmakollu
Turning cookie-based XSS into account takeover

08.07.2022 by 4websecurity
CVE 2022-29455 is still affecting millions of Wordpress sites

08.07.2022 by kh4sh3i_
Zabbix - SAML SSO Authentication Bypass

08.07.2022 by FR13ND0x7F
The Time Machine — Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and what not

Recent Recommendations

7 February, 2023

benschrijver:

Rajesh pointed out several XSS issues with our application and offered helpful pointers to resolve them.

7 February, 2023

rinconensalza:

Thank you for helping me to find some bugs on my web, very appreciated!!

4 February, 2023

mb_mbit:

Many thanks to KhanJanny for responsibly disclosing an XSS vulnerability on some of my websites. Highly recommended professional!

4 February, 2023

nidapo5:

Jitin spotted an XSS vulnerability in a minor input field on one of our pages, and reported it clearly, so I could easily spot the problem and fix it. Many thanks for this help.

3 February, 2023

uTechJeremy:

Thank you for your assistance addressing a bug!

Making Web a Safer Place

Coordinated & Responsible Disclosure

Based on ISO 29147 Guidelines