Stored DOM-based XSS on Xiaomi

Stored DOM-based XSS on Xiaomi

Stored DOM-based XSS on Xiaomi Bahasa Indonesia  |  English

Yesterday I just found Stored XSS on the Xiaomi Forum via Markdown, now I found Stored DOM-based XSS on the Xiaomi Forum.

Related Posts:



First, I tried to post a thread on the Xiaomi Forum


After that I saw the source code,


Thread title displayed in backquote (``)
var threadTitle = `Hellooooooooooo`

Do you guys realize something? actually, we can run the JavaScript function inside of a backquote (``) by using ${ }
Example:
var abc = `dada${alert(1)}`

Final Payloads:
Hellooooooooooo${alert(1)}

XSS fire up


Response:


#HappyHacking

Related Post: