Mail.ru: Cross-site Scripting (XSS) - Stored in ru.mail.mailapp

2019-04-21T21:33:47
ID H1:544782
Type hackerone
Reporter kassih
Modified 2019-07-19T09:36:40

Description

A leftover debug code for XSS protection was causing "alert(1)" execution in the case of XSS vector (XSS vector itself was not executed).