You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Using javascript: throws an error in parsing the url. But I bypassed it using javascript://%0A.
Through this vulnerability, an attacker is capable to execute malicious scripts.
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Learn more on MITRE.
P0cas Analyst
Impact
The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Using javascript: throws an error in parsing the url. But I bypassed it using javascript://%0A.
Through this vulnerability, an attacker is capable to execute malicious scripts.