How I found XSS via SSRF vulnerability -Adesh Kolte


This is Adesh Nandkishor Kolte

First Read This Articles

After reading both articles I figure out new way to carry out the XSS attack ,discovered that due to an outdated Jira instance, I was able to exploit an SSRF vulnerability in Jira and was able to perform several actions such as bypass any firewall/protection solutions and etc

so i just tried some basics tricks with google for finding the web apps which used jira integration

got web europa

so i quickly visited


And Boom i got the google page and i m like

i had uploaded xss script on my own Server

and pasted it at the place of

then i found many webs vulnerable for it

Motorola Solution

Cambridge University Press

Stanford University

Thanks for reading