Posts

An Accidental XSS on uu.nl

Image
Hello guys, I hope you enjoyed my previous blog. Today I am talking about how I got an accidental XSS on uu.nl Let’s start 1)First I Enumerate subdomain of uu.nl and I selected www.*.uu.nl subdomain for testing. (sorry for not to a disclosed subdomain) 2)I used “waybackurls” and collected all URL’s of the target. I found an interesting URL: https://www.*.uu.nl/XXXXXX/?uuid=vulnerablepoint I checked out where it reflected, I saw it reflects in between title tag, now balanced the tag Payload: test</title><script>alert(document.domain)</script> Successfully reflected XSS done Hall Of Fame: I hope you enjoyed my writeup follow me on LinkedIn: https://www.linkedin.com/in/santosh-bobade-531094192/ Twitter: https://twitter.com/Santosh88267387?s=09 Thanks….!