Tube8 Reflected XSS Hackerone Discolosure
It was a normal bug hunting day I spent around 10 hours spidering through websites and testing for xss (cross-site-scripting) until I stumbled across an xss vulnerability in one of the most famous porn sites tube8.com.
I successfully came up with a proof of concept and sent in a report here is the proof of concept payload.
How this exploit works is the following:
Have they fixed the issue?
Well, yes they have fixed the issue otherwise I would not be disclosing it.