vulnerability cross site scripting
severity 9.1
language javascript
registry other

✍️ Description

Stored xss via lead title

🕵️‍♂️ Proof of Concept

First goto and create a new lead . During creation put xss payload xss"'><img src=x onerror=alert()> in Title field and save it . Now open lead by going and see xss is executed

Video -->

💥 Impact

xss attack