This report has been reviewed and accepted as a valid vulnerability on FirstBlood!
On 2021-05-10, smhtahsin33 reported:
I found a Reflected XSS on http://firstbloodhackers.com:49394/login.php via the "go back to previous URL" functionality. The Parameter
is vulnerable to Open Redirection & Reflected XSS at the same time :)
Steps To Reproduce:
- Visit http://firstbloodhackers.com:49394/login.php?ref=jav%09ascript:confirm`xss`;
- Click on the Return to Previous Page Button.
This report has been publicly disclosed for everyone to view
FirstBlood ID: 3
Vulnerability Type: Reflective XSS
Respect Earnt: 1500000
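The tab in the reported payload matters because browsers strip tabs and newlines from a URL before reading its scheme, so `jav<TAB>ascript:` still runs as `javascript:`. The following is an added example, not code from FirstBlood or from the report: a hypothetical prefix blocklist beside an allowlist validator for the `ref` value that closes both the XSS and the open redirect. The origin `https://app.example`, the function names and the sample inputs are constructed assumptions.

```javascript
// Added example: origin, names and inputs are constructed for illustration.
const APP_ORIGIN = "https://app.example"; // assumed application origin
const FALLBACK = "/";                     // used whenever ref is rejected

// Hypothetical blocklist: rejects only values that literally start with
// "javascript:". A tab inside the scheme name slips past it.
function naiveFilter(ref) {
  return /^\s*javascript:/i.test(ref) ? FALLBACK : ref;
}

// Allowlist: parse the value the way a browser does, then keep only
// same-origin http(s) targets and emit them as a path.
function safeReturnUrl(ref) {
  if (typeof ref !== "string" || ref.length === 0) return FALLBACK;
  let url;
  try {
    // The WHATWG URL parser removes tabs and newlines before it reads the
    // scheme, so "jav\tascript:" is parsed here as "javascript:".
    url = new URL(ref, APP_ORIGIN);
  } catch {
    return FALLBACK;
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return FALLBACK;
  if (url.origin !== APP_ORIGIN) return FALLBACK; // blocks //host, \\host, user@host
  return url.pathname + url.search + url.hash;    // path-only, never off-site
}

// Escape a value for a double-quoted HTML attribute.
function escapeAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Build the "Return to Previous Page" link from the untrusted ref value.
function renderBackLink(ref) {
  return `<a href="${escapeAttr(safeReturnUrl(ref))}">Return to previous page</a>`;
}

// Constructed sample: the decoded form of the ref value from the report.
const REPORTED_REF = "jav\tascript:confirm`xss`";
```

Validation runs on the decoded parameter value, and the result is still attribute-escaped on output, since either control alone leaves one of the two issues open.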