Myndr: Reflected XSS in

ID H1:824433
Type hackerone
Reporter thilakesh
Modified 2020-03-19T15:44:45



Reflected XSS in Domain (

Steps To Reproduce:

  1. Go to the
  2. Find the endpoint in the domain -
  3. Add the payload ?trg="><script>alert(1)</script>
  4. You can see the pop up in your browser.


With the help of XSS, a hacker or attacker can perform social engineering on users by redirecting them from real websites to fake ones. the hacker can steal their cookies and download malware on their system, and there are many more attacking scenarios a skilled attacker can perform with XSS.