Web - Client
Wednesday 24 August 2022, 00:51 #1
Web - Client | XSS Reflected
My attack scenario is to steal the admin cookie.
I found a payload that triggers the js without user interaction.
so, i reported this page to the admin.
When viewing this vulnerable page, my cookie is sent to a webhook, but the admin’s cookie is blank.
am i missing something?