I want to report a reflected xss vulnerability that I found in
PoC Link: http://player.vimeo.com/hubnut/channel/830190?user="onmousemove="alert(1)"
Type: GET XSS
Steps for reproducing this flaw: Open the PoC Link in a web browser and point the cursor over the page background and you will see that an
alert() function will be called. The cause of this vulnerability is the value of
onmouseover etc .
Regards, Coltuneac Alexandru