A researcher discovered a cookie-based XSS vulnerability that became exploitable by moving the vulnerable cookie parameter into URL GET parameters, allowing them to exfiltrate session cookies without needing to chain additional vulnerabilities like CRLF injection.
Reflected DOM XSS vulnerability in silvergoldbull.com/bt.html exploitable via base64-encoded URL parameters, combined with clickjacking via iframe injection to steal user credentials through a fake login page. The vulnerability leverages obfuscated JavaScript that decodes and executes user-supplied parameters without proper sanitization.
A reflected XSS vulnerability was discovered in PayPal's ad generator tool at financing.paypal.com/ppfinportal/adGenerator where the 'size' URL parameter was reflected unsanitized into generated embed code, allowing injection of arbitrary HTML/JavaScript payloads. The vulnerability was rewarded with a $250 bounty.