2 matches found
XSS on external links
Description: This vulnerability allows an administrator to create an evil external link. Proof of Concept: As an admin user - Go to http://172.16.128.131/front/link.form.php?id=1 - Create an external link and put as value for the link javascript:alert1 - Assign this link to budgets example As a...
Instacart: Reverse Tab-nabbing at www.instacart.com/store/partner_recipe?recipe_url=
Summary: Instacart at the /store/partner_recipe?recipe_url= endpoint is vulnerable to reverse tabnabbing, since the injected link uses target="_blank"; this means the page that opens in a new tab can access the initial tab and change its location using the window.opener property. example: Reproduction...