.png)
1 year ago
101 BOOK THIS SPACE FOR AD
ARTICLE ADSo, I have been into web hacking lately. While into it, I have explored bug bounties but never found a bug in real website. I have tested many websites but I have been unable to find any bug.
One day I wondered what my speed of typing was and went to one of the typing test websites. After I gave the test, It redirected to a url containing the final score. But I found something strange. The url actually contained the scores. So I thought of XSS and to one of the values of score added img tag and it reflected with blank image. So I tested with simple script tag
<script>alert(1)</script>
And It reflected and I got my first ever real world XSS bug. The site does not have any bug bounty or bug report program. So I thought of reporting it at openbugbounty.org but found out It was already reported.
Either way I am really happy to find out the bug even if I didn't get any bounty It’s always a great experience to find your first bug.
Bengali (Bangladesh) · 
English (United States) ·