You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The website is having a security vulnerability. This could potentially put user accounts at risk, and allow malicious activities to take place. I have attached the screenshots of performing Cross-Site Scripting "<script>alert("ATTACK")</script>" on text input boxes.
Steps to reproduce the behavior:
Go to National Ticket Booking Spot
Type <script>alert("ATTACK")</script> in Train Number text box
alert box will pop up (bug).
Expected behavior
The website should not allow any type Cross-Site Scripting injection. However, it allowed the Cross-Site Scripting injection and an alert box appeared (bug).
Screenshots
The text was updated successfully, but these errors were encountered:
Describe the bug
The website is having a security vulnerability. This could potentially put user accounts at risk, and allow malicious activities to take place. I have attached the screenshots of performing Cross-Site Scripting "<script>alert("ATTACK")</script>" on text input boxes.
Steps to reproduce the behavior:
Expected behavior
The website should not allow any type Cross-Site Scripting injection. However, it allowed the Cross-Site Scripting injection and an alert box appeared (bug).
Screenshots
The text was updated successfully, but these errors were encountered: