I was testing the Android app of one client, and they told me to check the mobile number and email verification part specifically.

The app asked me to verify my mobile number and would not allow me in without an OTP.

So I tried a random “000000” to check, and I bypassed the verification part.

After more testing, I found out it can also be bypassed with “… … ” and “ — — — ”.

--

I found XSS via file upload: here I uploaded an SVG file, which was stored in Google Cloud and reflected with XSS.

1) Log in at app.xyz.com
2) Go to Online Store >> Settings >> Email Notification >> Email Design
3) Click Edit
4) Upload the file with the SVG payload
5) Save the file and open the image…
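
A server-side upload check for the SVG case above, as an added example that is not from the original write-up: it parses the upload and accepts only an allowlist of static SVG elements and attributes, so script elements and event-handler attributes are rejected. The function name, the allowlists and the sample files are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
# Assumed allowlists for simple static artwork; extend deliberately, not by blocklist.
ALLOWED_TAGS = {"svg", "g", "path", "rect", "circle", "ellipse", "line", "polyline",
                "polygon", "title", "desc", "defs", "linearGradient",
                "radialGradient", "stop"}
ALLOWED_ATTRS = {"id", "class", "d", "x", "y", "x1", "y1", "x2", "y2", "cx", "cy",
                 "r", "rx", "ry", "width", "height", "viewBox", "points",
                 "transform", "fill", "stroke", "stroke-width", "opacity",
                 "offset", "stop-color", "gradientUnits", "version"}

def svg_rejections(data: bytes) -> list[str]:
    """Return the reasons to reject an uploaded SVG; an empty list means it passed."""
    try:
        text = data.decode("utf-8")  # refuse other encodings so the checks see real text
    except UnicodeDecodeError:
        return ["not UTF-8"]
    # Static artwork never needs a DTD, and entities can hide content from the checks.
    if "<!doctype" in text.lower() or "<!entity" in text.lower():
        return ["DOCTYPE or ENTITY declaration"]
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    reasons = []
    for el in root.iter():
        ns, _, tag = el.tag.rpartition("}")
        # Anything outside the SVG namespace or the allowlist is refused,
        # which covers <script>, <foreignObject>, <use>, <a>, <style>, etc.
        if ns.lstrip("{") != SVG_NS or tag not in ALLOWED_TAGS:
            reasons.append(f"element not allowed: {el.tag}")
        for name in el.attrib:
            # Event handlers (on*), href, xlink:href and style are not allowlisted.
            if name not in ALLOWED_ATTRS:
                reasons.append(f"attribute not allowed on <{tag}>: {name}")
    return reasons

# Constructed sample uploads (not taken from the original report).
CLEAN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10">'
             b'<rect x="1" y="1" width="8" height="8" fill="#09f"/></svg>')
ACTIVE_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="void 0">'
              b'<script>void 0</script></svg>')

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN_SVG), ("active", ACTIVE_SVG)):
        print(label, svg_rejections(sample) or "accepted")
```

Serving user uploads from a separate origin, with `Content-Disposition: attachment` or a restrictive `Content-Security-Policy`, limits the impact if a file does slip through the check.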

--

Jay Sharma

eJPT | Security Engineer | Pen tester | Bug Hunter | Pro hacker at HTB | CTF Player | Bug-crowd Top 1100 Hackers Globally