IT-Securityguard Blog

[BugBounty] Reflected Cross Site Scripting BillMeLater

| 2 Kommentare

Dear followers,

i recently found a reflected Cross Site Scripting issue on a Subdomain of BillMeLater (Paypal acquisition) it was possible to break the style attribute and add malicious Javascript Code into the Application.

When ending the previous style and script element it was possible to add a new script element and executing the Payload, the complete URL looks like this now :

http://wwwb.search.billmelater.com/coupons/store/guess/?u=%27%22–%3E%3C/style%3E%3C/%20script%20%3E%3C%20script%20%3E%20alert%20%28%22XSS%20%20%22%29%3C/%20script%20%3E

thefindt

This one only worked in Firefox, Chrome and IE restricted the execution with the anti XSS feature.

The Bug was categorized as „Out of Scope“ for whatever reason.

Hope you enjoyed, if you have any question left, please don’t hesitate to contact me at patrik.fehrenbach(at)it-securityguard.com

2 Kommentare

  1. has there ever been a paypal bug submission that has been in scope or not a duplicate?

  2. There were some indeed ­čÖé

Schreibe einen Kommentar

Pflichtfelder sind mit * markiert.