[bugbounty] Bug bounty tip: How to escalate stored XSS reports.

  • From: Edwin <contact@xxxxxxxxxxxxxx>
  • To: bugbounty@xxxxxxxxxxxxx
  • Date: Wed, 04 Jul 2018 19:30:47 +0200


If you have found an authenticated stored XSS vulnerability that requires specific permissions to exploit — say administrator-level access — always check to see if the POST request that transmitts the payload is vulnerable to CSRF or an IDOR. This will increase the impact, since as an attacker you no longer need an account with certain permissions to exploit the issue.

I cannot count the number of times that I have received reports and the hacker hadn't verified this. In two cases recently, I helped escalate the reports from $300 to $1.5k.

- Ed

Other related posts: