Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

Cookie-Based XSS

POC

Observe that a cookie parameter is reflected in the page. Then insert JS code into the cookie value:

Cookie: lang=en; abc=1">alert(document.domain)

Impact

Low

Likelihood

Low
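
The reflection described in the POC, next to the validation and output-encoding fix that the V5 category calls for. This is an added example, not code from the wiki; the function names and the hidden-input markup are assumptions, and the sample header is the one from the POC.

```javascript
// Added example: all function names and the <input> markup are hypothetical.
// Sample header taken from the POC on this page.
const SAMPLE_COOKIE_HEADER = 'lang=en; abc=1">alert(document.domain)';

// Parse a Cookie request header into a name -> value map.
function parseCookies(header) {
  const jar = {};
  for (const part of String(header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue; // skip fragments without a name=value shape
    jar[part.slice(0, eq).trim()] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Encode every character that can close an attribute value or open a tag.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable pattern: the cookie value is concatenated into the attribute as-is,
// so a double quote in the cookie ends the attribute and the rest becomes markup.
function renderUnsafe(cookieHeader) {
  const { abc = "" } = parseCookies(cookieHeader);
  return '<input type="hidden" name="abc" value="' + abc + '">';
}

// Fix 1 (sanitization): encode on output so the value stays inside the attribute.
function renderEncoded(cookieHeader) {
  const { abc = "" } = parseCookies(cookieHeader);
  return '<input type="hidden" name="abc" value="' + escapeHtml(abc) + '">';
}

// Fix 2 (validation): accept only the characters the application expects
// in this cookie; the allowlist here is an assumed format.
function isValidCookieValue(value) {
  return /^[A-Za-z0-9_-]{1,32}$/.test(value);
}

console.log("unsafe :", renderUnsafe(SAMPLE_COOKIE_HEADER));
console.log("encoded:", renderEncoded(SAMPLE_COOKIE_HEADER));
console.log("valid? :", isValidCookieValue(parseCookies(SAMPLE_COOKIE_HEADER).abc));
```

Encoding must match the output context: the map above covers HTML element and quoted-attribute contexts, not values written into inline script or URLs.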