Hi there,

I am writing to let you know about a security vulnerability I found on your website irosephonline.com.

Vulnerability Overview:
Reflected XSS is an injection attack where malicious JavaScript is embedded in a URL. When the URL is visited, the script executes in the victim’s browser, potentially compromising user data and the integrity of the affected site. In this case, the vulnerability allows an attacker to craft a URL that, when accessed, executes arbitrary JavaScript within the context of irosephonline.com.

Vulnerability Summary:
Vulnerable URL: http://www.irosephonline.com/?a=b1y66&api=dym34&c=p76o7&email=bjl27&enddate=wize6&from=n0l61&keyword=tkrt3&lang=wbs45&list_type=vz7z8&p=s9m66&page=hg733&q=lv1e5&s= "-alert(1)-"&terms=fj8o8&tid=i8xp5&token=lo562&type=v6584&url=p7rp2&username=htd84&year=pchv3
Vulnerable Parameter: s
Payload: "-alert(1)-"

Description:
The application improperly handles user-supplied data in the s parameter on the page http://www.irosephonline.com/?a=b1y66&api=dym34&c=p76o7&email=bjl27&enddate=wize6&from=n0l61&keyword=tkrt3&lang=wbs45&list_type=vz7z8&p=s9m66&page=hg733&q=lv1e5&s="-alert(1)-"&terms=fj8o8&tid=i8xp5&token=lo562&type=v6584&url=p7rp2&username=htd84&year=pchv3. It fails to sufficiently sanitize input before reflecting it back in the HTML response. This allows an attacker to inject malicious JavaScript code into the page.

Steps to Reproduce:
1. Open a web browser.
2. Navigate to the following crafted URL: http://www.irosephonline.com/?a=b1y66&api=dym34&c=p76o7&email=bjl27&enddate=wize6&from=n0l61&keyword=tkrt3&lang=wbs45&list_type=vz7z8&p=s9m66&page=hg733&q=lv1e5&s= "-alert(1)-"&terms=fj8o8&tid=i8xp5&token=lo562&type=v6584&url=p7rp2&username=htd84&year=pchv3
3. Expected Result: An alert box should appear in the browser displaying the text XSS Proof of Concept: irosephonline.com, confirming that arbitrary JavaScript execution is possible within the context of your domain.

Proof of Concept (PoC):

Impact:
An attacker could exploit this vulnerability by crafting a malicious link and tricking a logged-in user into clicking it.

Successful exploitation could lead to:
1. Session Hijacking: Stealing the user's session cookies to impersonate them.
2. Credential Theft: Tricking users into entering credentials into a fake login form controlled by the attacker.
3. Phishing: Displaying fake messages or forms to deceive users.
4. Content Manipulation/Defacement: Modifying the appearance or content of the page within the user's browser.
5. Redirection: Forwarding users to malicious websites.

I am happy to provide further details or assistance if needed.

Visit my profile for more information about me: https://www.openbugbounty.org/researchers/JKTamim/

*it would be great if you guys could consider a bounty.*

Best Regards,
J.K Tamim
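The fix for the reflection described in the report above is context-aware output encoding of the s parameter; the following is an added example, not part of the original report and not the site's code. The report does not say where in the response the value is reflected, so the sketch assumes two common sinks (a quoted HTML attribute and a string inside an inline script), and all function names, the page template and the example.test URL are hypothetical.

```javascript
// Added example: context-aware encoding for a reflected query parameter.
// Function names and the page template are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode for HTML element content and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Encode for a JavaScript string literal inside an inline <script> block.
// JSON.stringify escapes quotes and backslashes; the extra replacements keep
// "</script>" or "<!--" from ending the block and cover U+2028/U+2029.
function toJsLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Vulnerable "before": the raw value is concatenated into both contexts.
function renderUnsafe(s) {
  return `<input name="s" value="${s}">\n<script>var term = "${s}";</script>`;
}

// Hardened "after": each sink gets the encoder that matches its context.
function renderSafe(s) {
  return `<input name="s" value="${escapeHtml(s)}">\n<script>var term = ${toJsLiteral(s)};</script>`;
}

// Read "s" with the standard URL parser instead of hand-splitting the query.
function searchTermFromUrl(rawUrl) {
  return new URL(rawUrl).searchParams.get('s') ?? '';
}

// Constructed request carrying the payload quoted in the report.
const sample = 'http://example.test/?q=lv1e5&s=%22-alert(1)-%22&page=hg733';
const term = searchTermFromUrl(sample);
console.log(renderUnsafe(term)); // quotes survive and break out of both contexts
console.log(renderSafe(term));   // quotes are encoded; value stays inert data
```

A Content-Security-Policy that disallows inline script is a useful second layer, but it does not replace encoding at the point of output.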

