U.S. Dept Of Defense: DOM Based XSS on https://████ via backURL param

Description: The following endpoint suffers from DOM Based XSS https://████████/██████=javascript:alertdocument.domain The ████████ param determines the content which will be displayed on the "Back to Search Result" button, eventually leading to RXSS. References ██████ Regards nagli Impact...