Is the XSS exploitable? Can you insert data in the phone field via a form submit... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		migueldemoura on May 14, 2018 \| parent \| context \| favorite \| on: Weak Security and Vulnerabilities in the Portugues... Is the XSS exploitable? Can you insert data in the phone field via a form submit or URL param? Seems like the attack requires exceedingly unlikely user interaction. Did you contact the Portuguese National Data Protection Agency? If you can leak phone numbers, they should be informed. Cool findings :)

iluxonchik on May 15, 2018 [–]

Thank you :)

Regarding the XSS attack, I have the answer here: https://iluxonchik.github.io/chave-movel-digital-xss/#commen...

I did not, thank you for suggesting, I will do it now.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact