vulnerability Bug On

Hello All,

This time i am sharing my experience during finding a bug in

The bug resides in the input field of the profile pages ,where there is no client side verification is happened.So,I simply payloaded a script and holah ! :),It reflected in the website.The XSS is called an Reflected XSS as it obtained as a result of server’s response.

Proof Of Concept :

I inputed a script in the username field and it got reflected ! It also happened in the description field also :)

Proof Of Concept

Injecting a PayLoad
Reflected Page