XSS in messages on geekbrains.ru
Discovered by xaleraf4ra on Mailru

This issue took 12 Days and 1 hours to triage and 0 Days and 2 hours to resolve once triaged.



Stored XSS via data URI in messages on geekbrains.ru.

geekbrains.ru is in extended (Ext.B) scope, XSS reports for this scope are accepted without bounty. <h3 id="description">Description</h3>

Stored XSS in messages on a large IT training portal <code>GeekBrains</code>, the vulnerability allowed to execute JavaScript code in the victim&#39;s browser.