Hello guys after a long time i tested facebook acquisitions oculus first i try to find common bugs like cross site request forgery ,cross site scripting, click jacking , open redirect but oculus main domain is really secure so after sometime  i started testing oculus sub domains and in one of sub domain i got self cross site scripting bug and i converted it into stored cross site scripting sounds cool na?.

Vulnerable Domain:-  answers.oculus.com



SO HERE IS PROOF OF CONCEPT
   

 


hope you like my finding if you have any questions then please drop your comment i will try my best to answer your questions. 
 

Post a Comment

  1. great ashish good going .

    ReplyDelete
  2. nice finding brother kindly post any tutorial about bypassing xss filters .

    ReplyDelete
  3. Bro you receive any bounty??

    ReplyDelete
  4. I don't think bounty nor HOF is given for this. Nowadays facebook doesn't care about acquisition . I found Stored XSS on one of the acquisition without minimal user Interaction and facebook replied our BB programme is now only around facebook.com . My question to them is then why the hell they wrote that our scopes are to acquisition also

    ReplyDelete
    Replies
    1. LOL Pity You... I got 500$ for XSS on Subdomain

      Delete
  5. I found some vulns in this site and they said the site of answers.oculus.com is out of scope :(

    ReplyDelete

 
Top