2 matches found
AlienVault : Server Side Request Forgery protection bypass № 2
Hi, you haven't fixed the vulnerability. The bypass of this report 287762. This is a classic example of URL bypass. POC: https://www.threatcrowd.org/domain.php?domain=173.0302.0x2c.70 https://www.threatcrowd.org/domain.php?domain=0xad.0xc2.0x2c.0x46...
AlienVault : [www.threatcrowd.org] - reflected XSS in graphViewMap.php
Summary: I have found a reflected XSS in https://www.threatcrowd.org/graphViewMap.php in the GET parameter email. This is similar to report 283633. Browsers Verified In: Firefox 56.0.1. Steps To Reproduce: 1. Browse to https://www.threatcrowd.org/graphViewMap.php?email=-alertdocument.domain- 2. Click o...