decor.io XSS vulnerability

2017-07-04T10:48:00
ID OBB:258159
Type openbugbounty
Reporter Random_Robbie
Modified 2017-08-15T11:16:00

Description

Vulnerable URL:
https://decor.io/_site/fb-page-151152128416048/_dsf/services/ResourceProvider?handler=paypal&instanceId;=eyJwYXRoIjoiL3RhYl8yNTY1Nzk1MTEwNjM3NzciLCJ2ZXJzaW9uSWQiOiJ2MTg5NTg0NDQyIn0-&layerId;=l512311914&fbPageId;=151152128416048