Glassdoor: Reflected XSS on https://www.glassdoor.com/employers/sem-dual-lp/

Summary: There is a reflected XSS on https://www.glassdoor.com/employers/sem-dual-lp/ through the utmsource parameter. By using URL encoding I was able to bypass the WAF. Affected URL or select Asset from In-Scope: https://www.glassdoor.com/ Affected Parameter: utmsource Vulnerability Type: XSS...