HackerOne: Potential stored Cross-Site Scripting vulnerability in Support Backend

HackerOne maintains an internal Support Backend system for employees. On the internal user profiles for hackers, a small overview is shown that lists the skills the user tagged their penetration tester profile with. Although the skills are currently managed by HackerOne and a user can only pick...