Automattic: Reflected XSS at /category/ on a Atavis theme

Summary: Hi team, This report is similar to 947790 You fixed the XSS on search, but I found another XSS at /category/xsspayload For PoC you can check these URLs : https://magazine.atavist.com/category/%22%3E%3Csvg%20onload%3Dalert%60XSS%60%3E...

Automattic: Reflected XSS on a Atavist theme

Summary: Hi team, I found Reflected XSS at a Atavist theme and there are a lot of affected websites. I don't know the theme's name but it's in use at https://magazine.atavist.com/ Just write alertdocument.domain to search field...