Another En Mass Education #XSS

I was looking through some automated results of mine and after hitting a few sites I noticed a domain pattern and then i thought hmmmm i wonder!

Quick google later and boom 115 sites with the same XSS.


After Emailing the software company behind it at first they seemed like they was really interested and offered to reward me for my findings… I provided them with my usual amazon or paypal please and then never heard from them.

Emailed them a few days ago to say i had a bypass… still not heard a thing!

They have fixed the original issue so happy to release this finding.