ID H1:106678
Type hackerone
Reporter robd4k
Modified 2016-12-09T10:10:18
Description
XSS vulnerability lies on http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage
POC
{"title": "Informatica: [now.informatica.com] Reflective XSS", "published": "2015-12-23T21:36:50", "references": [], "h1reporter": {"hackerone_triager": false, "username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/007/450/e320d053e371ff05fd398573be97badf65862617_small.jpg?1511771374"}, "url": "/robd4k"}, "type": "hackerone", "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "cvelist": [], "viewCount": 1, "hash": "8aaf312aa74ac080f1f9d531acd2bdc24b2fca1eb80af9e309d211bbc40c6c11", "id": "H1:106678", "modified": "2016-12-09T10:10:18", "history": [{"edition": 4, "lastseen": "2017-09-18T09:23:30", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "19862ce7a308c6b65db5caae31ef34acc4292becde5cdf59e391884d1e3728d5", "type": "hackerone", "modified": "2016-12-09T10:10:18", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "eb25780aaaf1304808e4a9f14745812c", "key": "h1reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "669108ccfa90060e23439c3fd63d713a", "key": "modified"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 4, "bountyState": "resolved", "h1reporter": {"username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/fdb148230d31b88341d00ec0e21a26639194366c_small.jpg?1505708477"}, "url": "/robd4k"}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-09-18T09:23:30"}, "differentElements": ["h1reporter"]}, {"edition": 1, "lastseen": "2017-08-22T11:09:38", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "adcf2beee393db71cd8ade8ce903786cda7574a325ce9860db776ec492b37ed7", "type": "hackerone", "modified": "1970-01-01T00:00:00", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "f1755dbc141efa40c19aa5ad6cc2d860", "key": "h1reporter"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "fe3f171f649be7d45d9d11d3f5d45695", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 1, "bountyState": "resolved", "h1reporter": {"disabled": false, "username": "robd4k", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/b9dbc4cba7c7fd7dbe7f4fa98f0e4181f8ed1004_small.jpeg?1476800618"}, "url": "/robd4k", "hacker_mediation": false}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-08-22T11:09:38"}, "differentElements": ["h1reporter"]}, {"edition": 6, "lastseen": "2018-02-07T16:58:00", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {"score": {"modified": "2018-02-07T16:58:00", "value": 4.3, "vector": "AV:N/AC:M/Au:M/C:N/I:P/A:P/"}}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "81c47e18317f4ac8a60e5ccea2a53f8c2882ce7869b8902f978794ab80927f5f", "type": "hackerone", "modified": "2016-12-09T10:10:18", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "669108ccfa90060e23439c3fd63d713a", "key": "modified"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d6147cd3f387d083e21eb6b4b3788ec6", "key": "h1reporter"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 6, "bountyState": "resolved", "h1reporter": {"hackerone_triager": false, "username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/e320d053e371ff05fd398573be97badf65862617_small.jpg?1511771374"}, "url": "/robd4k"}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2018-02-07T16:58:00"}, "differentElements": ["h1team", "h1reporter"]}, {"edition": 5, "lastseen": "2017-10-04T04:13:45", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {"score": {"modified": "2017-10-04T04:13:45", "value": 4.3}}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "0df7fc09623e60ed99a3e6c02da749e57470ac04c7b799f01d0741a735ebbe66", "type": "hackerone", "modified": "2016-12-09T10:10:18", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "41bbd92b5e55f89ba84613abcbeb4376", "key": "h1reporter"}, {"hash": "669108ccfa90060e23439c3fd63d713a", "key": "modified"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 5, "bountyState": "resolved", "h1reporter": {"username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/bb027e88bee00873549eca590a7b1562f699f64f_small.jpg?1507076216"}, "url": "/robd4k"}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-10-04T04:13:45"}, "differentElements": ["h1reporter"]}, {"edition": 3, "lastseen": "2017-08-29T13:11:22", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "d51f2fdcf04de373fb6ee32adf398cb8c77c8fc61cb5a233521864c19368f2ef", "type": "hackerone", "modified": "2016-12-09T10:10:18", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "8fbc5647ab4812653a67668f71754784", "key": "h1reporter"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "669108ccfa90060e23439c3fd63d713a", "key": "modified"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 3, "bountyState": "resolved", "h1reporter": {"username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/b9dbc4cba7c7fd7dbe7f4fa98f0e4181f8ed1004_small.jpeg?1476800618"}, "url": "/robd4k"}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-08-29T13:11:22"}, "differentElements": ["h1reporter"]}, {"edition": 2, "lastseen": "2017-08-28T23:19:24", "bulletin": {"id": "H1:106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/production/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "bounty": 0.0, "references": [], "enchantments": {}, "cvelist": [], "viewCount": 1, "title": "Informatica: [now.informatica.com] Reflective XSS", "hash": "cfe3953a09d84922d2792c0db27de6b9a6329bb041a102d884895a381fb17854", "type": "hackerone", "modified": "1970-01-01T00:00:00", "history": [], "published": "2015-12-23T21:36:50", "hashmap": [{"hash": "738cbe9b4edec9f4b8d1304fbd3fe364", "key": "h1team"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "8fbc5647ab4812653a67668f71754784", "key": "h1reporter"}, {"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "fe3f171f649be7d45d9d11d3f5d45695", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}], "objectVersion": "1.3", "edition": 2, "bountyState": "resolved", "h1reporter": {"username": "robd4k", "hacker_mediation": false, "is_me?": false, "disabled": false, "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/production/000/007/450/b9dbc4cba7c7fd7dbe7f4fa98f0e4181f8ed1004_small.jpeg?1476800618"}, "url": "/robd4k"}, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "href": "https://hackerone.com/reports/106678", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-08-28T23:19:24"}, "differentElements": ["modified"]}], "href": "https://hackerone.com/reports/106678", "h1team": {"handle": "informatica", "url": "https://hackerone.com/informatica", "profile_picture_urls": {"small": "https://profile-photos.hackerone-user-content.com/000/000/453/ae79628e2753525acce99182b7d0a7b91f3cf0da_small.jpg?1493894101", "medium": "https://profile-photos.hackerone-user-content.com/000/000/453/a8f0e5d0c649beeca777fb020fc0a036daa45f27_medium.jpg?1493894101"}}, "hashmap": [{"hash": "30565a8911a6bb487e3745c0ea3c8224", "key": "bounty"}, {"hash": "fafdd4fbb3fee9a56e17d43689f48d18", "key": "bountyState"}, {"hash": "05ada9a7482161942c43eadd60b0440c", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "a59470384cee1f70859ca87845ae8d41", "key": "description"}, {"hash": "bbf277a930eb3bed7d871bd0058e003a", "key": "h1reporter"}, {"hash": "b32c63417fa2138782c7553ab2db7a6c", "key": "h1team"}, {"hash": "ae73d16fedf019b1589757af3efa6ebc", "key": "href"}, {"hash": "669108ccfa90060e23439c3fd63d713a", "key": "modified"}, {"hash": "ddedd79a7f3bccbb52dcf11f5e7fd79a", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "72f9302d1eff1b97afaac46b69c9448b", "key": "reporter"}, {"hash": "76392e4ef96f68130fa3a3f706ffb07c", "key": "title"}, {"hash": "ec83c92514064cbcd1d6878e7bc2471a", "key": "type"}], "objectVersion": "1.3", "edition": 7, "bountyState": "resolved", "bounty": 0.0, "description": "XSS vulnerability lies on `http://now.informatica.com/launch-next-bigdata-registration-inxpo.html?Source=homepage`\n\n#POC\n\n* Sign up for big data management Virtual launch event\n\n* on parameter `company_name` inject `'\"><img src=x onerror=alert(1)>`", "bulletinFamily": "bugbounty", "reporter": "robd4k", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2018-04-19T17:34:09"}
{}
