Stored XSS to Full Information disclosure

Hello pals,

During research of terapeak.com I found that Bulk Research name is vulnerable to XSS attack.

Note:You need to subscribe for Terapeak Profession account.

POC:

After digging more I’ve found that by that token you can get full information of that user like:

Email Address, Full Name, Member ID, Subscription Type, and other info. as well

The request to get user details:

Response:

Thank you!!

 

shubhamgupta

 

One thought on “Stored XSS to Full Information disclosure

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.