Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

XSS via Referer

POC

1. Send the JS payload in the Referer header: Referer: javascript:alert('XSS');
2. See that it is reflected in the page.
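Why HTML-escaping alone does not stop this payload, and a hardened alternative, shown as an added example that is not part of the wiki entry. It assumes the application copies the Referer header into the href of a "Back" link (the entry does not say where the value is reflected); the function names and the "/" fallback are hypothetical.

```javascript
// Added example: a server-side "Back" link built from the Referer request header.
// Function names and the "/" fallback are assumptions, not from the wiki entry.

// HTML-escape for text and quoted-attribute contexts.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Vulnerable: the header value is copied into the page unmodified.
function renderBackLinkVulnerable(referer) {
  return `<a href="${referer}">Back</a>`;
}

// Incomplete fix: escaping blocks markup injection, but the payload contains
// no markup. The javascript: scheme survives and runs when the link is clicked.
function renderBackLinkEscapedOnly(referer) {
  return `<a href="${escapeHtml(referer)}">Back</a>`;
}

// Hardened step 1: parse the value and allow only http(s) URLs.
function safeReferer(referer, fallback = '/') {
  let url;
  try {
    url = new URL(referer);
  } catch {
    return fallback; // missing or malformed header
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return fallback;
  return url.href;
}

// Hardened step 2: escape the validated URL for the attribute context.
function renderBackLinkHardened(referer) {
  return `<a href="${escapeHtml(safeReferer(referer))}">Back</a>`;
}

const poc = "javascript:alert('XSS');"; // payload from the POC above
console.log(renderBackLinkVulnerable(poc));
console.log(renderBackLinkEscapedOnly(poc));
console.log(renderBackLinkHardened(poc));
console.log(renderBackLinkHardened('https://example.com/a?b=1&c=2'));
```

If the header is only displayed as text rather than placed in a URL attribute, escapeHtml alone is the correct encoder; the scheme check matters when the value lands in href, src or a similar sink.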

Impact

Low

Likelihood

Low