Originally posted here [Old Blog]: http://witcoat.blogspot.com/2017/06/xss-on-bugcrowd-and-so-many-other.html
This is my first blog post. I recently found a reflected cross-site scripting (XSS) vulnerability on Bugcrowd’s main domain, which had a huge impact.
This didn’t only work on the 404 page but also on the homepage, for example:
https://bugcrowd.com?locale=xss. However, this parameter didn’t seem to do anything else, so I immediately reported it to Bugcrowd. When I woke up in the morning, I came to know that this bug was actually in Locomotive CMS; Bugcrowd worked around it by showing that page at the router level to mitigate the impact.
Knowing this, I immediately checked out Locomotive CMS, and their website was vulnerable as well.
After a few days, Locomotive fixed the bug and allowed disclosure. You can easily find some Locomotive CMS application to test this out. Bugcrowd rewarded $600 for this. I didn’t agree with the reward amount, but it was really nice to see the quick fix.