U.S. Dept Of Defense: Reflected XSS and HTML Injectionon a DoD website
Summary: I found Xss and Html injection vulnerabilities on one of the DoD websites Description: When doing the Xss tests I used this payload: alert "XSS" and when running I noticed that the server returned a 403 Forbidden error, but it was easy to do a bypass I just modified the javascript tags i...