XSS Because of wrong Content-type Header
Hello All,

XSS because of wrong content type in InternShala.com

Internshala: Internshala is an internship platform, this website helps students find internships with organisations in India - wiki

While checking this site I got an endpoint which didn't have CSRF protection. I can change the user details (name, address, etc.) Not email :(

One thing that was weird with that endpoint was that it was giving a JSON response, but the content type header was not: application/javascript. Rather it was set as: text/html

I was fiddling with that as I knew if we can inject HTML then we can get XSS here :D

But they had filters so it was just HTML Injection -_- that isn't cool to report.

But there was another parameter, current_city_administrative_area_level_2; changing its value caused an error.

Let's Build Payload

Problem no (1): White space was not allowed ...
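The root cause described in this post, a JSON body sent with a text/html content type, can be caught on the defender's side with a response audit. The following is an added example, not code from the original post or from the site discussed; the function names, finding labels and sample responses are constructed for illustration.

```python
import json

# Media types a browser will parse and render as markup.
RENDERABLE = {"text/html", "application/xhtml+xml", "image/svg+xml"}


def media_type(headers):
    """Return the lowercased media type without parameters, or '' if absent."""
    for name, value in headers.items():
        if name.lower() == "content-type":
            return value.split(";", 1)[0].strip().lower()
    return ""


def is_json(body):
    """True when the body is a JSON object or array (typical API response)."""
    try:
        return isinstance(json.loads(body), (dict, list))
    except ValueError:
        return False


def audit_response(headers, body):
    """Return a list of findings for one HTTP response."""
    findings = []
    if not is_json(body):
        return findings
    mtype = media_type(headers)
    lowered = {k.lower(): v.strip().lower() for k, v in headers.items()}
    if mtype in RENDERABLE:
        findings.append("json-served-as-" + mtype)
        # Raw angle brackets inside the JSON text become tags once rendered.
        if "<" in body:
            findings.append("unescaped-angle-bracket-in-body")
    elif mtype == "":
        findings.append("missing-content-type")
    if lowered.get("x-content-type-options") != "nosniff":
        findings.append("missing-nosniff")
    return findings


# Constructed sample responses (not captured from any real site).
BODY = '{"success": true, "name": "<b>Test</b>"}'
WEAK = {"Content-Type": "text/html; charset=UTF-8"}
FIXED = {"Content-Type": "application/json; charset=utf-8",
         "X-Content-Type-Options": "nosniff"}

if __name__ == "__main__":
    print("weak :", audit_response(WEAK, BODY))
    print("fixed:", audit_response(FIXED, BODY))
```

The corrected response still carries the same body: with a JSON media type and nosniff set, the browser does not render it as markup, so the input filter is no longer the only control.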