"Stored XSS on /manageappointment.php using the message parameter leading to account takeover" - disclosed by @holybugx , one of many great reports from our first hackevent! View all disclosed reports from the event -> Tweet added by BugBountyHunter.com 🪲 @BugBountyHunt3r

BugBountyHunter.com 🪲

3 years

"Stored XSS on /manageappointment.php using the message parameter leading to account takeover" - disclosed by @holybugx , one of many great reports from our first hackevent! View all disclosed reports from the event ->

197

Replies

PPCVR ¦ 0x001

@PPCVRJCUV

3 years

@BugBountyHunt3r @HolyBugx I think , it has HTTP request smuggling vulnerability too , just check it