iOS 16.6
Date: 08/23/23
Description:
The BigLots app for iOS has a problem with self-directed XSS. Entering the term "<plaintext>" in the search box inside of the BigLots app results in an error.
Steps to Reproduce:
1. Download and launch the BigLots app for iOS
2. Click inside the input box that says, "Search BigLots.com"
3. Enter in "<plaintext>" as a search term
4. Click on "Search"
Result: The BigLots iOS app displays an error message if "<plaintext>" is entered as a search term - there is a problem with self-directed XSS
Expected: The BigLots iOS app should not display HTML text from a "<plaintext>" search
Click inside the search input box and enter in "<plaintext>"
Enter in "<plaintext>"
HTML error from a self-directed XSS command.
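The expected behavior above amounts to HTML-encoding the search term before it is placed into the results markup. The sketch below is an added example, not code from the BigLots app: it assumes the search term is reflected into an HTML template, and the template and the function names (`escapeHtml`, `renderUnsafe`, `renderSafe`, `injectedTags`) are hypothetical. Once an HTML parser sees a `<plaintext>` start tag it treats everything after it as raw text, which is why the rest of the page markup shows up on screen.

```javascript
// Added example. The template and all function names are hypothetical;
// the app's real rendering code is not shown on this page.
const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Encode the characters that are significant in HTML text and attributes.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Pattern that matches the reported result: the term is concatenated
// into the markup as-is, so "<plaintext>" becomes a real element.
function renderUnsafe(term) {
  return `<h1>Results for ${term}</h1><ul id="results"></ul>`;
}

// Corrected pattern: the term is encoded, so it is shown as literal text.
function renderSafe(term) {
  return `<h1>Results for ${escapeHtml(term)}</h1><ul id="results"></ul>`;
}

// Regression check: list opening tags in the output that the template
// itself does not contain. Any entry means user input became markup.
function injectedTags(html, allowed = ["h1", "ul"]) {
  const opened = [...html.matchAll(/<\s*([a-zA-Z][a-zA-Z0-9]*)/g)]
    .map((m) => m[1].toLowerCase());
  return opened.filter((tag) => !allowed.includes(tag));
}

const term = "<plaintext>"; // the search term from the steps above
console.log("unsafe:", injectedTags(renderUnsafe(term)));
console.log("safe:  ", injectedTags(renderSafe(term)));
console.log(renderSafe(term));
```

A check like `injectedTags` can sit in a test suite for the search view, run over a list of HTML element names entered as search terms.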