My Journey to Drugs Hall of Fame in just 10 minutes

1 week ago 16

bugbounty_learners

Hi Everyone,

Hello guys👋👋 In this article, I'm going to talk about how to bypass XSS filters, leading to a Stored XSS bug I discovered on a HackerOne bug bounty program, which I am going to present as redacted, and which allowed me to get a Hall of Fame reward.

Severity: High
Platform: HackerOne Public Program @drugs_com

1. Go to https://www.question.com/

2. Now find out all input fields:
   - Search bar
   - Profile page [publicly visible]
   - Blog posting fields
   - Command fields

3. I tried testing the Search bar for one or more hours, but the Search input is not vulnerable. Next I went to the big input box, Ask a Question. This time, what do you think?

Now enter a normal XSS payload like <h1> clap my artical </h1>, but it is still not working.

4. Start brute forcing using many payloads, and I found something (length).

5. Finally I found the payload

<iframe…