First Bug Bounty Win

3 years ago 220
BOOK THIS SPACE FOR AD
ARTICLE AD

I wanted to let you know how I helped secure XVIDEOS.com.

After spending time enumerating the site, I quickly saw some text was reflected from the search field on the main website.

There was a hidden field that held a lot of JSON data. I was able to break the main page rendering with a very old payload.

The payload in question was

Read Entire Article