.png)
8 months ago
54 BOOK THIS SPACE FOR AD
ARTICLE ADIntroduction:
Hi i hope you gave a great day, In the realm of cybersecurity, the hunt for vulnerabilities is a perpetual endeavor. Sometimes, discoveries unfold unexpectedly, as was the case when I stumbled upon a cross-site scripting (RXSS) vulnerability in less than 10 minutes on one of India’s largest travel sites. This medium post narrates my swift journey from exploration to revelation, shedding light on the importance of thorough examination and the serendipitous nature of vulnerability discovery.
Discovery:
My journey commenced with a routine exploration of India’s premier travel site let just say them as redact.com, renowned for its extensive offerings and user-friendly interface. Armed with my methodology and a keen eye for vulnerabilities, I scoured the platform, probing various endpoints and functionalities. However, my initial efforts yielded no good findings, leaving me to think what else i can do.
The turning point arrived when, by mere chance, I clicked on an advertisement that redirected me to a subdomain of the travel site travel.redact.com. In that split second, my intuition sensed an anomaly. As I navigated through the pages of the subdomain, a subtle but distinct feeling lingered — a sense of vulnerability waiting to be discovered by me.
Exploitation:
With a surge of curiosity, I set out to validate my hunch. Armed with a collection of unique payloads tailored for such scenarios, I initiated a systematic exploration of the site’s input fields and interactions. It was not long before I stumbled upon a susceptible entry point.
Implementing one of my carefully crafted payloads, I awaited the outcome with bated breath. Moments later, my screen lit up with a delightful pop-up — a testament to the successful exploitation of the RXSS vulnerability. In less than 10 minutes, I had uncovered a potential security loophole that could have posed significant risks if left unnoticed.
Conclusion:
Sometimes it just take less then 10 min to find something good, i would recommend that always be on it, dont ever loss hope!!
peace out
Bengali (Bangladesh) · 
English (United States) ·