blibli. com | Bug Cross-Site-Scripting
Blibli.com | Bug Cross-Site-Scripting In Website Blibi.com
Hay guys -_- tetap Bersama saya IG : Anggi_gunawan17 Follow Ye,
Kali ini Saya mau Posting Tentang Bug XSS Di Website Blibli.com Ok Langsung Aja
POC :
1. Login Ke Account Blibli Kalian
2. Langsung ke Https://blibli.com/member/wishlist
3. Tambahin wishlist dengan script xss </ script>"><img src=x onerror= prompt('XSS'); >
4. Dan Boom Xss posed
Next saya Upload Vidio + foto Nya sekarang lagi ga ada Quota :'v Kwkaka
• 27 - 06 - 2017 : Bug Report
• 29 - 06 - 2017 : Bug Confirm And Proses Fixed
• 09 - 07 - 2017 : Bug Fixed
• 10 - 07 - 2017 : Me Ask For A Bounty Reward
• 11 - 07 - 2017 : Send Me Bounty 400.000 IDR via Voucher
• 11 - 07 - 2017 : Me Send A Vuln New XSS
• 11 - 07 - 2017 : IT Blibli Confirm And Proses Fixed
(Next Post For Poc)
Hay guys -_- tetap Bersama saya IG : Anggi_gunawan17 Follow Ye,
Kali ini Saya mau Posting Tentang Bug XSS Di Website Blibli.com Ok Langsung Aja
POC :
1. Login Ke Account Blibli Kalian
2. Langsung ke Https://blibli.com/member/wishlist
3. Tambahin wishlist dengan script xss </ script>"><img src=x onerror= prompt('XSS'); >
4. Dan Boom Xss posed
Next saya Upload Vidio + foto Nya sekarang lagi ga ada Quota :'v Kwkaka
• 27 - 06 - 2017 : Bug Report
• 29 - 06 - 2017 : Bug Confirm And Proses Fixed
• 09 - 07 - 2017 : Bug Fixed
• 10 - 07 - 2017 : Me Ask For A Bounty Reward
• 11 - 07 - 2017 : Send Me Bounty 400.000 IDR via Voucher
• 11 - 07 - 2017 : Me Send A Vuln New XSS
• 11 - 07 - 2017 : IT Blibli Confirm And Proses Fixed
(Next Post For Poc)
Bang itu ngreportnya kmn ya?
ReplyDeletebang mau nanya report kemana
ReplyDelete