Status.im: HTTP Parameter Pollution with semicolons in iframe allows loading external Greenhouse forms

Summary: Status.im uses Greenhouse for job applications, specifically the older Greenhouse integration which relies on iframes. The ghjid URL parameter is used to load the correct form in the iframe. HTML characters are escaped, but using semicolons you can inject URL parameters into the iframe v...