Informatica: [now.informatica.com] Reflective XSS

2015-12-23T21:36:50
ID H1:106678
Type hackerone
Reporter robd4k
Modified 2016-12-09T10:10:18

Description

XSS vulnerability lies on http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage

POC

  • Sign up for big data management Virtual launch event

  • on parameter company_name inject '"><img src=x onerror=alert(1)>