.png)
3 years ago
173 BOOK THIS SPACE FOR AD
ARTICLE AD
Hello Hunters and Infosec community,It is my First Medium Article For which I have Got the appreciation Letter From The university & Got recommendation for that.So Let’s gets Started.
What is XSS?
Cross-site scripting works by manipulating a vulnerable web site so that it returns malicious JavaScript to users. When the malicious code executes inside a victim’s browser, the attacker can fully compromise their interaction with the application.
There are three main types of XSS attacks. These are:
Reflected XSS, where the malicious script comes from the current HTTP request.Stored XSS, where the malicious script comes from the website’s database.DOM-based XSS, where the vulnerability exists in client-side code rather than server-side code.For more details Refer This Link:
So here in The website,I found a search Field.So I have started Hunting For That.
I have started with some basic payload which we all use for finding the XSS vulnerability & Booom.I’m successfully able To find XSS in the search Field.
At the Same I have reported to them With Poc(Proof Of Concept) but unfortunately It was Duplicate & so here I have started for finding other vulnerability.But Here I don’t have access to create account for obviously reason I’m not student of that university.
After a Week I have seen that The Website team have Patched this bug.But Wait a Minute Here I want to say We are From f.. society
I have Just added “> with Previous Payload & It Get Reflected With that payload.
New Payload: “><img src=x onerror=alert(document.cookie)>
I have again write a good report and proof of concept for the same.They have responded within a day & team have resolved immediately.
If you have enjoyed it then do follow me on
Twitter :https://twitter.com/OwnRadius
Subscribe my Youtube Channel:
Youtube:https://www.youtube.com/channel/UCazJMUCTbHcm0SgiSce1T2w
I’m excited to read such story from you guys . If you’ve any questions then DM me, DMs are always open..😄 Thank you so much for reading…
Bengali (Bangladesh) · 
English (United States) ·