Vulnerability Netflix (cross-site-scripting) XSS

Today I wanted to share with you my first vulnerability found in the bugbounty programs.

It's the first time I do a POST about a bug. I remember that I started looking in the list that has the bugcrowd program (https://bugcrowd.com/list-of-bug-bounty-programs). so I chose netflix.

use several tools for the recognition and study the behavior of the web page, capturing the request and verifying the response.

When I tried the following:
payload: </script><script>alert(1);</script>

and bingo

Netflix Hall of Fame: https://help.netflix.com/en/node/6657

This has been my message, I hope it has served you, I also wanted to thank Netflix for this experience.

Thank you,

My data: https://twitter.com/bada_77