An Accidental XSS on uu.nl

Hello guys, I hope you enjoyed my previous blog. Today I am talking about how I got an accidental XSS on uu.nl

Let’s start

1)First I Enumerate subdomain of uu.nl and I selected www.*.uu.nl subdomain for testing. (sorry for not to a disclosed subdomain)

2)I used “waybackurls” and collected all URL’s of the target.

I found an interesting URL:

https://www.*.uu.nl/XXXXXX/?uuid=vulnerablepoint

I checked out where it reflected, I saw it reflects in between title tag, now balanced the tag

Payload:

test</title><script>alert(document.domain)</script>

Successfully reflected XSS done

Hall Of Fame:

I hope you enjoyed my writeup

follow me on

LinkedIn: https://www.linkedin.com/in/santosh-bobade-531094192/
Twitter: https://twitter.com/Santosh88267387?s=09


Thanks….!

Comments

Post a Comment