You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I want to report xss vulnerability in aws s3 explorer. POC is below:
Click on the settings icon in the top right corner. Popup will open to enter S3 bucket name.
Type a payload as you can see on this image, and press enter:
And you'll get an xss:
The text was updated successfully, but these errors were encountered:
Just to inform, i reported this to: https://cveform.mitre.org/ as a cve request, to inform users about affected version, because xss is usually high or critical vulnerability.
Hi, how are you?
I want to report xss vulnerability in aws s3 explorer. POC is below:
Click on the settings icon in the top right corner. Popup will open to enter S3 bucket name.
Type a payload as you can see on this image, and press enter:
And you'll get an xss:
![Screenshot from 2024-03-05 14-31-23](https://private-user-images.githubusercontent.com/102229967/310422410-2c7f9918-4da3-4d5d-b427-f3646040929e.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjA5MjU3MzQsIm5iZiI6MTcyMDkyNTQzNCwicGF0aCI6Ii8xMDIyMjk5NjcvMzEwNDIyNDEwLTJjN2Y5OTE4LTRkYTMtNGQ1ZC1iNDI3LWYzNjQ2MDQwOTI5ZS5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzE0JTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDcxNFQwMjUwMzRaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT04ODFmNjgxNDNlNTNlMDI2OTcyYmY0YjZkOTIyOGJlMDRkYTc3YWZlNGQzZGVlNWM4ODUyODM2NTc4ZDU5ZDQ3JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.jyIvE5LsE-68UXrZaK2fpxR_ZgBUmBn62NM8oK4ZgjY)
The text was updated successfully, but these errors were encountered: