Mojira Archive
WEB-1829

XSS from cookie

Steps to reproduce

Step 1. Log onto minecraft.net

Step 2. Find the 'session_username' cookie

Step 3. Edit the cookie to any XSS, let's say "<marquee>script inside</marquee>"

Step 4. Click back to minecraft.net or, if you are not on the profile page, refresh

Step 5. The script is executed

Will look like this:
https://gyazo.com/4689685db73acbb7cec646457f3e4a3d

Fixed

Collin Riter

[Mojang] Web Team

2020-02-03, 06:28 AM

2020-02-12, 09:52 PM

2020-02-12, 09:52 PM

0

0

security
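
The pattern behind this report, shown as an added example that is not part of the original report and is not minecraft.net's code: a value read from the 'session_username' cookie is placed into page markup, first as-is and then validated and escaped. How the site actually rendered the cookie is not stated in the report; the function names, the CSS class, the 'Player' fallback and the username allow-list are assumptions made for illustration.

```javascript
// Added example; hypothetical names, not the site's implementation.

// Parse a Cookie header string into a name -> value map.
function parseCookies(header) {
  const jar = {};
  for (const part of header.split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue;
    const name = part.slice(0, eq).trim();
    let value = part.slice(eq + 1).trim();
    try { value = decodeURIComponent(value); } catch (_) { /* keep raw value */ }
    jar[name] = value;
  }
  return jar;
}

// Escape the characters that are significant in HTML text and attributes.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Before: the cookie value is concatenated into markup unchanged,
// so any tags it contains become part of the page.
function renderGreetingUnsafe(cookieHeader) {
  const name = parseCookies(cookieHeader).session_username || '';
  return '<span class="profile-name">' + name + '</span>';
}

// After: the cookie is treated as untrusted input. It is checked against
// an allow-list (assumed format) and escaped on output regardless.
const USERNAME_RE = /^[A-Za-z0-9_]{3,16}$/;
function renderGreetingSafe(cookieHeader) {
  const raw = parseCookies(cookieHeader).session_username || '';
  const name = USERNAME_RE.test(raw) ? raw : 'Player';
  return '<span class="profile-name">' + escapeHtml(name) + '</span>';
}

// Constructed sample header carrying the value from Step 3 of the report.
const SAMPLE = 'lang=en; session_username=<marquee>script inside</marquee>';
```

Escaping on output closes the injection; taking the displayed name from the server-side session instead of a client-editable cookie removes the dependency on the cookie's contents altogether.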