TTS Bug Bounty: HTML injection (with XSS possible) on the using media_url attribute

ID H1:263226
Type hackerone
Reporter sp1d3rs
Modified 2017-09-15T13:38:30



Hello. I discovered Cross-Site scripting issue on the endpoint.

Akamai WAF and bypass

At the srart i was not able to do the XSS due to Akamai Waf XSS filters, but later, i was able to bypass it.

POC (HTML injection) {F215755}

POC (Reflected XSS)

Use this link in the Mozilla Firefox {F215768}

Suggested fix

Sanitize all input fields on this page.