dekeeu Posted April 16, 2013

Title: Billsafe.de - Stored XSS
Security Reward Program: Reporting Security Issues
Affected Product: Billsafe Inc.
Date: 12.04.2013
Severity: Medium-High
Status: Fixed

http://www.youtube.com/watch?v=ucVQpx7duq0
mah_one Posted April 16, 2013

Congratulations! I also got $500 for one; it didn't filter any characters, but it had protection against certain tags. I figured I'd try the object tag and it worked:

https://client.billsafe.de/search/perform-claim-search/orderc/Käufer/dirc/etc'"><object data=jAvascriPt:alert(1)>EHcabe

XSS client.billsafe.de
XSS #2 on client.billsafe.de Duplicate (it's exactly the one in the video)
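The filter behaviour described in the post above (certain tags blocked, no characters encoded), set beside output encoding, as an added example that is not part of the thread and not Billsafe's code. The blocked-tag list, the function names and the quoted-attribute context are assumptions.

```javascript
// Added illustration. BLOCKED_TAGS, the function names and the attribute
// context are assumptions; this is not Billsafe's code.

// Weak: remove a fixed list of tags, leave every other character untouched.
const BLOCKED_TAGS = ['script', 'iframe', 'img', 'svg']; // constructed list

function stripBlockedTags(input) {
  const re = new RegExp(`</?(?:${BLOCKED_TAGS.join('|')})\\b[^>]*>`, 'gi');
  return String(input).replace(re, '');
}

// Hardened: encode the characters that carry meaning in HTML text and
// quoted attribute values, so no tag name ever needs to be guessed.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Reflect a search term into a quoted attribute, as a search page might.
function renderSearchField(value, sanitize) {
  return `<input name="q" value="${sanitize(value)}">`;
}

// Check: the rendered markup should contain exactly one element (the input).
function breaksOutOfAttribute(html) {
  const tags = html.match(/<[a-zA-Z][^>]*>/g) || [];
  return tags.length !== 1;
}

// Value taken from the URL in the post (the segment after /dirc/).
const SAMPLE = `etc'"><object data=jAvascriPt:alert(1)>`;

function main() {
  for (const [name, fn] of [['stripBlockedTags', stripBlockedTags], ['escapeHtml', escapeHtml]]) {
    const html = renderSearchField(SAMPLE, fn);
    console.log(name, '->', html, '| breaks out:', breaksOutOfAttribute(html));
  }
}
main();
```

The tag blocklist returns the sample unchanged because `object` is not on its list, while the encoder keeps the whole value inside the attribute regardless of tag name or scheme casing.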
Justryuz Posted November 4, 2013

Nice good job