#Quidco Self XSS

Simple DOM XSS this time as I didnt see any values reflected. Simple Payload Used…   #<img src=x onerror=prompt(/OPENBUGBOUNTY/)>   Timeline: March 18th – DM sent to quidco March 30th – Tweeted them https://twitter.com/Random_Robbie/status/847353071449423874 March 30th – Response received https://twitter.com/quidco/status/847400878990532608 Patched at some point with out telling […]

Read more