Bug Bounty NSF : Reflected (XSS) Vulnerability
Free Text to Speech
##~ NSF - National Science Foundation ~##
#nsf
Report & Participant : Andri Wahyudi
Website : https://nsf.gov/
Status : Patched
Type : Reflected (XSS)
A reflected XSS (or also called a non-persistent XSS attack) is a specific type of XSS whose malicious script bounces off of another website to the victim's browser. It is passed in the query, typically, in the URL. It makes exploitation as easy as tricking a user to click on a link.
Contact : itsec.andry@gmail.com
======================================================
21/04/2019 ~ Report Vulnerability
28/04/2019 ~ Bug Valid
03/05/2019 ~ Patched & No bounty rewarded
on the website there is clearly a bug bounty program, which participants should get an award for the bounty bug, but the website did not give me any response.
(Video entitled to be published)
2019-05-02 21:32:27
source
Gloss