Story of PlayStation (Sony) XSS

Hello all!!! Today I decided to share my finding of an XSS on a subdomain of PlayStation. It was 1 year ago, I think, that I started hunting bugs on Sony websites, and first I found directory indexing on [ ]

Then I reported it to Sony and they didn't accept it because they could not find any impact. I didn't understand why they said that :3 and I was like okay. Then I tried to dig more into the folders and found this page [ ]. I found QUnit 1.21.0 on the page and I decided to look for an exploit on Google. Then I found this page.

There are two PoCs, and the 2nd PoC shows that the parameter testId is vulnerable to XSS. So I decided to give it a try. First I injected the payload <svg onload=alert(1)> and the WAF filtered it. Then I fuzzed a lot and at last, boom! Double URL encoding bypasses the WAF.

So the PoC link is [ ].

Then I reported the bug, and they replied back after 3 months and rewarded swag that was never shipped to me :V .

That's my story of XSS on PlayStation. Hope you like it. Thanks!!!
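
For defenders, the double-encoding bypass in this story comes down to a filter inspecting a value before it is fully decoded. The JavaScript below is an added example, not part of the original post or of QUnit: it decodes a raw parameter until it is stable, flags more than one encoding layer, and validates the canonical form. The function names and the alphanumeric allowlist for testId are assumptions.

```javascript
// Added example (not from the original post). All names are hypothetical.
const MAX_LAYERS = 5;
// Assumption: a legitimate testId is a short alphanumeric token.
const TEST_ID_ALLOWLIST = /^[A-Za-z0-9]{1,32}$/;

// Percent-decode repeatedly until the value stops changing.
// "layers" is the number of decode passes that changed the value.
function canonicalize(raw) {
  let value = raw;
  for (let layers = 0; layers <= MAX_LAYERS; layers += 1) {
    let decoded;
    try {
      decoded = decodeURIComponent(value);
    } catch (e) {
      // Malformed escape such as "%zz": stop and report it.
      return { value, layers, malformed: true };
    }
    if (decoded === value) return { value, layers, malformed: false };
    value = decoded;
  }
  // Still changing after MAX_LAYERS passes: treat as hostile.
  return { value, layers: MAX_LAYERS + 1, malformed: true };
}

// Validate the canonical form, never the raw string the filter first sees.
function inspectParam(raw) {
  const { value, layers, malformed } = canonicalize(raw);
  const reasons = [];
  if (malformed) reasons.push('malformed-escape');
  if (layers > 1) reasons.push('multi-encoded');
  if (!TEST_ID_ALLOWLIST.test(value)) reasons.push('not-allowlisted');
  return { allowed: reasons.length === 0, layers, canonical: value, reasons };
}

// Constructed samples: a plain id, the page's payload encoded once and twice,
// and a malformed escape.
const once = encodeURIComponent('<svg onload=alert(1)>');
const SAMPLES = ['a1b2c3d4', once, encodeURIComponent(once), '%zz'];
for (const s of SAMPLES) {
  const r = inspectParam(s);
  console.log(r.allowed ? 'ALLOW' : 'BLOCK', r.layers, r.reasons.join(','), s);
}
```

A filter that decodes only once sees no angle brackets in the twice-encoded sample, which is why the check runs on the canonical value and treats extra encoding layers as a signal in their own right.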
