Reflected xss in shop > checout 04-01-2017, 05:02 PM
#1
Hi, i found xss in checout page on shop, its possible to change price when i buy?
| Reflected xss in shop > checout filter_list | |
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)
RE: Reflected xss in shop > checout 04-02-2017, 12:48 AM
#2
Which shop? Try buying an item to prove it.
![[Image: fSEZXPs.png]](https://i.imgur.com/fSEZXPs.png)
RE: Reflected xss in shop > checout 04-02-2017, 03:30 AM
#3
You need to elaborate.
If the vulnerability exists, what "exactly" did you experience?
If the vulnerability exists, what "exactly" did you experience?
![[Image: AD83g1A.png]](http://i.imgur.com/AD83g1A.png)
RE: Reflected xss in shop > checout 04-02-2017, 01:01 PM
#4
Depends, finding a vulnerability doesn't always mean you'll be able to exploit it. I'd say try it out. Make sure you're using a VPN and you spoof your MAC address when trying something like that.
~~ Might be back? ~~
RE: Reflected xss in shop > checout 04-03-2017, 07:21 PM
#5
xss in post method, and modifyng json response ))
.png "Donator (Rank II)")
RE: Reflected xss in shop > checout 04-03-2017, 07:23 PM
#6
(04-03-2017, 07:21 PM)back00null Wrote: xss in post method, and modifyng json response ))
That really doesn't clarify much. Maybe an example POST body or result screenshot? Also, modifying the JSON return payload would only affect things client-side unless it gets sent back.
It's often the outcasts, the iconoclasts ... those who have the least to lose because they
don't have much in the first place, who feel the new currents and ride them the farthest.
don't have much in the first place, who feel the new currents and ride them the farthest.
RE: Reflected xss in shop > checout 04-03-2017, 07:30 PM
#7
Why is this thread in the "Suggestions" sub forum?
![[Image: 9H83e18.png]](https://i.imgur.com/9H83e18.png)
Users browsing this thread: 1 Guest(s)