DinisCruz-QA issues

Repositories
Issues
Comments

Results 1 issues of


                                            DinisCruz-QA

XSS on User field

Cross-site-Scripting payloads can be placed on the username field: **payload inserted:** ![image](https://f.cloud.github.com/assets/5708917/1366849/920f1854-38e8-11e3-9f97-7def519ba1dc.png) **payload executed (after payload inserted):** ![image](https://f.cloud.github.com/assets/5708917/1366850/a1b02488-38e8-11e3-8e67-f22b2e3fbae4.png) **payload executed (on victim's browser** ![image](https://f.cloud.github.com/assets/5708917/1366852/eb0c7b40-38e8-11e3-938f-a016de6f3e96.png) for reference see: - https://vulnerabilities.teammentor.net/article/Cross_Site_Scripting_Attack -...