Localize: XSS in Localize.io

ID H1:7890
Type hackerone
Reporter siddiki
Modified 2014-04-18T04:22:43


During signup I used "></code><svg/onload=prompt(1)> as my password.Just after pressing sign up I was forwarded to a new page,where that page was showing my username and asked to click to view my password.When I clicked the javascript executed. Attachment: xss.png