FirstBlood-#1005 — XSS on about.html
This issue was discovered on FirstBlood v3
On 2022-12-08, didsec Level 5 reported:
Hi There
I found an XSS on the about.html page via the redirect_url parameter. The parameter is missing sanitization.
Payload
javascript:alert(document.domain)
Steps To Reproduce
Go to:
Extra
This endpoint will also act as an open redirect by using the payload //evil.com
Impact
- Perform any action within the application that the user can perform.
- View any information that the user is able to view.
- Modify any information that the user is able to modify.
- Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user.
- Steal the user's cookie.
Supporting Material/References:
P3 Medium
FirstBlood ID: 45
Vulnerability Type: Reflective XSS
The endpoint about.php was introduced to replace about.html, but code on about.html introduces an XSS vulnerability via the javascript: URI
Creator & Administrator
Congratulations, you were the first user to discover this bug, great work! Apologies for the confusing emails you may have received, we were experiencing some issues on our end.
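One way to validate a redirect_url value before navigating to it, shown as an added example that is not part of the original report or FirstBlood's code. It resolves the value as a URL and accepts only same-origin http(s) targets, which rejects both payloads from the report (the javascript: URI and //evil.com). APP_ORIGIN, safeRedirectTarget and the sample paths are assumptions.

```javascript
// Added example, not FirstBlood code. All names and sample values are constructed.
const APP_ORIGIN = "https://app.example"; // hypothetical application origin

// Returns a same-origin path to navigate to, or `fallback` if the value is unsafe.
function safeRedirectTarget(raw, appOrigin = APP_ORIGIN, fallback = "/") {
  if (typeof raw !== "string" || raw.length === 0) return fallback;

  // URL parsers silently drop tab/CR/LF and treat "\" as "/" for http(s) URLs.
  // Refuse such input instead of trying to normalise it the way a browser would.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return fallback;

  let url;
  try {
    // Resolve relative values against our own origin, as the browser would.
    url = new URL(raw, appOrigin);
  } catch {
    return fallback; // not parseable as a URL at all
  }

  // Scheme allow-list: blocks javascript:, data:, vbscript: and anything else.
  if (url.protocol !== "https:" && url.protocol !== "http:") return fallback;

  // Same-origin check: blocks //evil.com and absolute URLs to other hosts.
  if (url.origin !== new URL(appOrigin).origin) return fallback;

  // Hand back only path + query + fragment, so the caller never navigates
  // to a string that carries its own scheme or host.
  return url.pathname + url.search + url.hash;
}

// Constructed sample inputs: the two payloads from the report plus benign values.
const samples = [
  "javascript:alert(document.domain)",
  "//evil.com",
  "/about.php?ref=home#team",
  "https://app.example/login.php",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", safeRedirectTarget(s));
}
```

The caller assigns the returned path to the link or to location, never the raw parameter value.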