REFLECT XSS SUPPORT.APPLE.COM (SIMPLE BYPASS)

REFLECT XSS SUPPORT.APPLE.COM (SIMPLE BYPASS)

hai’s WRC Hunter :D

gw pengen bikin writeup pada subdomain apple nih

langsung aja ya, gw ga pandai basa basi wkwkwkwk

pertama gw buka web support.apple.com

pada menu pencarian ya gw ketik aja Sec wkwkwk

terus masuk ke address bar pada query page=search gw tambahin payload ‘><svg/onload=alert(document.cookie)><’ kira-kira seperti ini deh page=search‘><svg/onload=alert(document.cookie)><’ langsung gassd

ternyata xss ny sukses wkwkwk

simple video :

https://www.youtube.com/watch?v=QSCeLzpue_U

Report to apple security October 15, 2019 at 21:53:16

Response Apple security 30 Okt 2019 21.40

Fix Apple security 1 Nov 2019 18.44

bounty :0$

 

Facebook | Twitter | WhatsApp | Cetak

d