My First Bug!!! Stored Cross Site Scripting (XSS)

Shahariar Amin
1 min read · Jul 12, 2024


It was about 6 months ago. I was totally depressed about my semester final exam. I was so depressed that I stopped studying 3 hours before my exam and went to a site (let's say, example.com). I started navigating some pages.

While navigating to https://www-bcsite.example.com/login.htm, I saw a pop-up! I was totally surprised. That's how I got my first XSS, and even my first bug.

Behind the scenes, three days before that, I had been gathering information about the website and had created a test account. While navigating to a URL like https://www.example.com/account-settings/family-info, I saw a form to add information about family members, which contained a name field. I added a name with an XSS payload like <scRipT>alert("XSS_By_take0verx0");</scRipT>. It was stored in the database and reflected on another page.

I reported it, and after some days they accepted it and thanked me. It was a VDP program.
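
The flow described above, as an added example that is not part of the original post or the affected site's code: a name stored verbatim and later written into another page's HTML, shown beside the same page with output encoding. The in-memory `db`, the function names and the case-sensitive `naiveFilter` are assumptions for illustration; the sample value is the one quoted in the post.

```javascript
// Sample input: the value typed into the family-member "name" field.
const storedName = '<scRipT>alert("XSS_By_take0verx0");</scRipT>';

// Hypothetical in-memory stand-in for the application's database.
const db = new Map();
function saveFamilyMember(userId, name) {
  db.set(userId, name); // stored verbatim; storage itself is not the bug
}

// Weak defence (assumed): a case-sensitive blacklist. A mixed-case tag
// such as <scRipT> does not match and passes through unchanged.
function naiveFilter(value) {
  return value.replace(/<script>/g, '').replace(/<\/script>/g, '');
}

// Vulnerable sink: the stored value is concatenated into another page's HTML.
function renderUnsafe(userId) {
  return `<p>Family member: ${db.get(userId)}</p>`;
}

// Hardened sink: HTML-encode at output time (HTML body context).
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}
function renderSafe(userId) {
  return `<p>Family member: ${escapeHtml(db.get(userId))}</p>`;
}

// Check used below: does the markup still contain a script tag, any letter case?
function containsScriptTag(html) {
  return /<\s*script\b/i.test(html);
}

saveFamilyMember('test-account', naiveFilter(storedName));
console.log('unsafe page has script tag:', containsScriptTag(renderUnsafe('test-account')));
console.log('safe page has script tag:  ', containsScriptTag(renderSafe('test-account')));
console.log(renderSafe('test-account'));
```

Encoding belongs at the point where the value is written into HTML, because the page that displays the name is not the page that accepted it.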


Written by Shahariar Amin

Penetration Tester (Web Application), Bug Hunter, CSE student of RUET, Bangladesh.
