.png)
3 years ago
189 BOOK THIS SPACE FOR AD
ARTICLE ADFirst of all, I thank everyone, who follow me on medium and your applause.
This is Pugazhenthi Velayudam. Back with another finding. How I find a Stored Cross-Site Scripting?
I find a wonderful target from openbugbounty.org. I simply start to play with the logic of the Web site. Initially, I found two low-impact vulnerabilities. I report to that Bug Bounty program. They pay two digits bounty. After I speak with my senior he told me to find the internal bugs. I am starting with some new motivation and curiosity.
I find a Phone number input field in the webinar directory on redact.com. I simply enter the phone number with “> break the tag. After I see it is successfully registered but I can't see anything different. After I go to my profile page there I see HTML parsed our Input. Our input breaks the HTML tag. Then I enter “><img src=x onerror=prompt(‘1’)> payload it's fired the alert box on the profile page.
I Reported to that corresponding program. They will reply to me after three day.
Thank you.
Soon I am back with another good finding.
Bengali (Bangladesh) · 
English (United States) ·