s is vulnerable to DOM-based XSS on endpoint
/?s=. The XSS affects all users; no authentication or login is required.
Visit the following URL for PoC:
This DOM-based XSS vulnerability is due to a lack of sanitization of the input fetched from the search input field.
The JS file responsible for this issue is:
On line 12,
var $search = ... takes its value from the Search field, but single quotes are not sanitized, which leads to this XSS vulnerability when the value is appended to the page.
An attacker can take over the account of an authenticated user by stealing anti-CSRF tokens and using those tokens to complete the takeover.
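The following is an added example, not code from the reported site or its JS file: it reproduces the pattern the report describes (the s query parameter read from the URL and concatenated into markup inside a single-quoted attribute) next to two hardened alternatives, an HTML-escaping function that covers the single quote and a version that avoids string building altogether by assigning through the DOM. The function names, the example.test host and the sample value O'Brien are constructed for illustration.

```javascript
// Added example (not the vulnerable site's own code). Demonstrates the
// unsafe "read ?s= and concatenate" pattern and two fixes.

// Read the `s` query parameter from a full URL (decoded by URLSearchParams).
function readSearchParam(href) {
  const value = new URL(href).searchParams.get("s");
  return value === null ? "" : value;
}

// VULNERABLE pattern, as described in the report: the raw value is
// concatenated into a single-quoted attribute, so a single quote in `s`
// ends the attribute early and whatever follows is parsed as markup.
function buildSearchMarkupUnsafe(s) {
  return "<input id='search' value='" + s + "'>";
}

// Fix 1: escape every HTML-significant character, including ' and `,
// before the value is placed inside an attribute or element body.
function escapeHtml(str) {
  const map = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#39;",
    "`": "&#96;",
  };
  return String(str).replace(/[&<>"'`]/g, (ch) => map[ch]);
}

function buildSearchMarkupSafe(s) {
  return "<input id='search' value='" + escapeHtml(s) + "'>";
}

// Fix 2 (preferred): never build markup from user input. Assign the value
// through a DOM property; the browser treats it as data, not as HTML.
// `inputEl` is any object with a `value` property (an <input> in a browser).
function setSearchValue(inputEl, s) {
  inputEl.value = s;
  return inputEl.value;
}

// Defensive check: count single quotes in the rendered markup. A correct
// single-quoted <input id='...' value='...'> always contains exactly four;
// any other count means the attribute boundary was broken by the input.
function attributeBoundaryIntact(markup) {
  const quotes = markup.match(/'/g) || [];
  return quotes.length === 4;
}

// Stand-alone demonstration with a constructed URL and value.
const demoHref = "https://example.test/?s=O%27Brien"; // constructed sample
const demoValue = readSearchParam(demoHref);         // "O'Brien"
console.log("unsafe intact:", attributeBoundaryIntact(buildSearchMarkupUnsafe(demoValue))); // false
console.log("safe intact:  ", attributeBoundaryIntact(buildSearchMarkupSafe(demoValue)));   // true
```

The attributeBoundaryIntact check is only a demonstration aid for this single-quoted attribute shape; the real fix is escapeHtml for any remaining string-built markup, and setSearchValue (DOM assignment) wherever the code can avoid building HTML from the query string at all.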