help with xss

святой бог · 13.08.2023

i just recently discovered a reflected xss vulnerability in a bug bounty program, but i will like to get help in order to know how to create better scripts, i know js, java, but all that i know its just things like how to create a web server with http requests and responses, i mean i dont know very well how to create better exploits or payloads in this type of vulns

sitizary332 · 13.08.2023

I think it will be enough for Bug Bounty to simply indicate that there is an XSS vulnerability there. You can use any standard payload and you can write a report

святой бог · 13.08.2023

sitizary332 сказал(а):

I think it will be enough for Bug Bounty to simply indicate that there is an XSS vulnerability there. You can use any standard payload and you can write a report

i though so, but the alibaba security team asks me to show them how its possible to make something with that vuln like steal data, etc

святой бог · 13.08.2023

sitizary332 сказал(а):

I think it will be enough for Bug Bounty to simply indicate that there is an XSS vulnerability there. You can use any standard payload and you can write a report

you have any payloads more than the usual payloads ?

sitizary332 · 13.08.2023

святой бог сказал(а):

you have any payloads more than the usual payloads ?

GitHub - payloadbox/xss-payload-list: 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List - GitHub - payloadbox/xss-payload-list: 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

github.com

help with xss

святой бог

HDD-drive

sitizary332

HDD-drive

святой бог

HDD-drive

святой бог

HDD-drive

sitizary332

HDD-drive

GitHub - payloadbox/xss-payload-list: 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List