Zomato: Reflected XSS on business-blog.zomato.com - Part I
Hi guys, I would like to report a reflected XSS on business-blog.zomato.com. 1. Open Chrome and Firefox latest versions 2. Open https://business-blog.zomato.com/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert1 3. Payload is executed Check the attached screenshot. Solution...