vulnerability cross site scripting
severity 7.1
language php
registry other

✍️ Description

Xss via support ticket

🕵️‍♂️ Proof of Concept

login into your boxbilling account and create support ticket . put bellow xss payload in support ticket [click-me](javascript://%0d%0aalert(document.domain)) Now save the link and click the and see xss is executed

#Video Poc-->

💥 Impact

xss attack