Cross-site scripting: Any request results in error

38 views Asked by At

I was playing around with my account in one particular website, and I tried to change my account name there (which was not possible in any other way, since the accounts were predefined before the users got access to them). I noticed, that in the "Update Bio" page my name was also part of the POST payload once I was submitting the form, so I decided to give it a try and add some basic HTML code there and changed my name into <span style="color: red">my name</span> (the payload is in multipart/form-data form). It worked, but apparently something wrong happened and when I repeat the same steps (submit the form from the website), the payload contains only the <span style= part and now I can't send any other request to the server, even if I change it back to normal, as it somehow results in an error. I don't know the exact error, since the status is 200, but the system says Error: try again, or contact the administrator.

How can I fix this? What can be some good approaches? I am using Burp Suite and its browser.

Thank you

0

There are 0 answers