Reflected-XSS Vulnerability in

A Security Researcher Adwiteeya Agrawal has discovered Non-persistent Cross site scripting(XSS) Security flaw in the is the web's leading platform for social change, empowering anyone, anywhere to start petitions that make a difference.

The vulnerability has been discovered in the Simple Search Form used in the website. The developer fails to validate the search keyword given by the user.

POC:✓&q=<script>alert("XSS By Adwiteeya Agrawal")</script>

Category: / / /

Share this with Your friends: