Vulnerability Netflix (cross-site-scripting) XSS
black_b
June 13, 2018 (Updated: June 16, 2018)
Today I wanted to share with you the first vulnerability I found in bug bounty programs.
It's the first time I have written a post about a bug. I remember that I started by looking at the list of programs on Bugcrowd (https://bugcrowd.com/list-of-bug-bounty-programs), so I chose Netflix.
I used several tools for reconnaissance and studied the behavior of the web page, capturing the request and verifying the response.
When I tried the following:
payload:
and bingo
Netflix Hall of Fame: https://help.netflix.com/en/node/6657
This has been my message. I hope it has been useful to you. I also wanted to thank Netflix for this experience.
Thank you,
My data: https://twitter.com/bada_77
#security