
Vulnerability Description => Cross-site scripting is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
β‘ β‘ β‘ How to Exploit β‘ β‘ β‘
1. Go to the site (http://readymadeb2bscript.com/demo/streamme/).
β β β β

2. Create a new account
β β β β

3. Then login into your account and click on edit account info
β β β β

4. Now change Full name area to XSS script [ ‘”</Script><Html /Onmouseover=(alert)(1) // ]
β β β β

5. Click on save changes and You will see an XSS popup onscreen
β β β β

*** Also log out and log in again your account, You will see an XSS popup onscreen. ***

Leave a Reply