Reflected XSS allowing Redirection and JavaScript Execution

Disclosed by 0xNano
Summary by 0xNano

This report covers a reflected Cross-Site Scripting (XSS) vulnerability discovered on a NASA domain. The issue was caused by unsanitized user input being reflected in the response without proper encoding, which allowed JavaScript execution. A basic alert() payload was used to demonstrate the flaw.
While the impact was limited to self-XSS and required user interaction, the report highlights the importance of proper input validation and output encoding to prevent similar vulnerabilities.
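As an added illustration (not code from the report or from the affected site), here is a minimal Node.js page renderer that reflects a query parameter into the response body, shown unencoded beside the output-encoded version; the function names and the sample query are constructed for this example.

```javascript
// Added example, not part of the disclosed report: reflecting a request
// parameter into an HTML text node with and without output encoding.

// Characters that can change HTML parsing state in a text node or a quoted
// attribute value, mapped to their entity forms.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
  "/": "&#x2F;",
};

// Encode a value for insertion into an HTML text node or quoted attribute.
function encodeForHtml(value) {
  return String(value).replace(/[&<>"'/]/g, (ch) => HTML_ENTITIES[ch]);
}

// Vulnerable form: the raw parameter is concatenated into the page body,
// so any markup the client supplied becomes part of the DOM.
function renderSearchPageVulnerable(query) {
  return `<html><body><p>Results for: ${query}</p></body></html>`;
}

// Hardened form: the same template, but the parameter is entity-encoded
// at the exact point where it is written into the HTML text node.
function renderSearchPageEncoded(query) {
  return `<html><body><p>Results for: ${encodeForHtml(query)}</p></body></html>`;
}

// Coarse check used only to make the difference visible: does the
// response contain a script element that was not in the template?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed input mirroring the kind of basic payload the report mentions.
const SAMPLE_QUERY = "<script>alert(1)</script>";

console.log("vulnerable:", renderSearchPageVulnerable(SAMPLE_QUERY));
console.log("encoded:   ", renderSearchPageEncoded(SAMPLE_QUERY));
```

Note that entity encoding is correct only for the HTML text and attribute contexts; a value written into a JavaScript string, a URL or a CSS block needs that context's own encoder.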
