
How I Found and Fixed XSS on a Website: A Bug Hunter’s Tale

Introduction:

Hi, I’m AIwolfie, a passionate bug bounty hunter with a knack for uncovering hidden vulnerabilities. I enjoy diving deep into websites, spotting security flaws, and helping make the internet safer. Recently, I identified a Cross-Site Scripting (XSS) vulnerability on a news website. Here’s the story of how I found it, tested it further, and helped the team patch it — all while having some fun along the way.

Step 1: The Discovery

While testing the search functionality of the website, I injected this payload:

<image src=1 href=1 onerror="javascript:alert(1)"></image>

When I submitted it, the search page echoed the term back into the results as HTML rather than as text: the browser parsed <image> as an <img> element, the bogus src failed to load, and the onerror handler ran, showing the alert(1) popup. That confirmed the site was vulnerable to XSS.

Me at that time: "Whoa, this actually worked!"

Step 2: Testing Further

To assess the full extent of the vulnerability, I crafted an additional payload to demonstrate redirection:

<image src=1 href=1 onerror="javascript:window.location='https://example.com'"></image>

When I tested this, the page redirected to https://example.com, showing that an attacker could send users to a phishing page or another malicious site. Because the injected script runs in the news site's own origin, the same handler can do anything the site's own JavaScript can do in that user's session, so the redirect is only the easiest impact to demonstrate.

"This would wreck people's accounts!"

Step 3: The Report

I documented the findings in a report, which included:

  • The initial payload used for the popup alert.
  • The redirect payload, showcasing its potential for phishing attacks.
  • Steps to reproduce the vulnerability.
  • The security risks posed by the issue.
  • Recommended fixes, including:
    • Input validation.
    • Output encoding.
    • Implementing a Content Security Policy (CSP).

The website administrators responded promptly, thanking me and confirming that the issue had been fixed.

Step 4: Lessons Learned

  • Input validation helps, but it is not the fix: reject inputs that cannot be a legitimate search term (length, type, character set), and still treat whatever passes as untrusted. A valid term like O'Reilly contains a quote and must survive, so validation alone cannot stop XSS.
  • Secure your outputs: any user-supplied content must be encoded for the exact context it lands in (HTML body, attribute value, JavaScript string, URL each need different encoding) before it is written into the page. This is the control that actually removes the bug.
  • Enable CSP: a Content Security Policy whose script-src has no 'unsafe-inline' (nonce- or hash-based for the site's own scripts) makes the browser refuse inline event handlers such as onerror="...", so both payloads above would have been blocked even with the encoding bug still present.

Final Thoughts

This experience reminded me why I love being a part of the bug bounty community. It’s not just about finding vulnerabilities but about contributing to a safer digital world.

What do you think of this story? Let’s connect and share our bug-hunting adventures!
