Submeter #709002: postmanlabs httpbin <=0.6.1 XSSinformação

Títulopostmanlabs httpbin <=0.6.1 XSS
DescriçãoIn the latest version (v0.6.1) of HTTPBIN, the endpoint /base64 does not encode user-controllable parameters when outputting them on the current page, resulting in Reflected XSS. This allows attackers to launch XSS attacks against users.
Fonte⚠️ https://github.com/postmanlabs/httpbin/issues/735
Utilizador
 ZAST.AI (UID 87884)
Submissão08/12/2025 09h02 (há 4 meses)
Moderação25/12/2025 13h56 (17 days later)
EstadoAceite
Entrada VulDB338424 [postmanlabs httpbin até 0.6.1 core.py Script de Site Cruzado]
Pontos16

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!