XSS reflected - https://www.indeed.com/hire/employer-confirmation [co, hl]

Disclosed by
CGuillaume's avatar
CGuillaume
  • Engagement Indeed
  • Disclosed date almost 3 years ago
  • Reward $800
  • Priority P3 Bugcrowd's VRT priority rating
  • Status Resolved This vulnerability has been accepted and fixed
Summary by CGuillaume

Reflected XSS

Activity
  1. Kyle_indeed’s avatar
    Kyle_indeed Customer published the disclosure report

    ()

  2. Jarvis’s avatar
    Jarvis Customer changed the state to Resolved

    ()

  3. CGuillaume’s avatar
    CGuillaume requested disclosure

    ()

  4. trim_bugcrowd’s avatarbugcrowd logo
    trim_bugcrowd updated the submission

    ()

  5. candydish_indeed’s avatar
    candydish_indeed Customer sent a message

    ()

  6. candydish_indeed’s avatar
    candydish_indeed Customer rewarded CGuillaume $800

    ()

  7. candydish_indeed’s avatar
    candydish_indeed Customer rewarded CGuillaume 10 points

    ()

  8. candydish_indeed’s avatar
    candydish_indeed Customer changed the state to Unresolved

    ()

  9. trim_bugcrowd’s avatarbugcrowd logo
    trim_bugcrowd changed the state to Triaged

    ()

  10. trim_bugcrowd’s avatarbugcrowd logo
    trim_bugcrowd updated the submission

    ()

  11. CGuillaume’s avatar
    CGuillaume sent a message

    ()

  12. CGuillaume’s avatar
    CGuillaume created the submission

    ()