Cross-site Scripting (XSS) - Stored in microweber/microweber


Reported on

Jan 22nd 2022


There is a persistent XSS Vulnerability exsists in the checkout page where we can able to execute any javascription in the last name field

We are processing your report and will contact the microweber team within 24 hours. 4 months ago
Nithissh12 modified the report
4 months ago
We have contacted a member of the microweber team and are waiting to hear back 4 months ago
We have sent a follow up to the microweber team. We will try again in 7 days. 4 months ago
Peter Ivanov validated this vulnerability 4 months ago
Nithissh12 has been awarded the disclosure bounty
The fix bounty is now up for grabs
Peter Ivanov confirmed that a fix has been merged on f017cb 4 months ago
Peter Ivanov has been awarded the fix bounty
to join this conversation