Amit Kumar Biswas @Amitlt2
2 min readApr 2, 2022


I’m Going to share one of my other Reflected Cross-Site Scripting Scenario.

As you know I didn’t believe in automation and I love for manual approach…..

Have a look at my steps like what methodology I used for my findings

Duke University is my target.

Now first of all start with Google Dorks & always start with these dorks

site:* inurl:/login

Using this dork you’ll be able to get all those login panels of duke university.

And I found my target from where I have to start my Xss Hunting….

I discovered a Forget password functionality there is another function which is called Account Lookup sometimes forget pwd functionality is not properly working whereas the Account Lookup function will properly be worked.

So the Account Lookup function asks me to Enter the Legal First/Given Name, Legal Last/Family Name & Birth Year.

  1. Then I entered xss<> into Legal First/Given Name & Legal Last/Family Name.
Here as you can see the GIven Name reflected in my response body.

2. After sending the request my Given Name: xss<> reflected into my response body without sanitizing properly.

3. Now I crafted a script payload and injected it into the Given Name parameter and I got a poped-up.

Reported this flaw and they multiple times recognized

Youtube Video:

Thanks for taking the time to read my write-up and share it with your friends, Like & Follow for more updates.

Follow me:







Amit Kumar Biswas @Amitlt2

Cyber Security Analyst at @avalanceGlobalSolutions | Security Researcher in | Cyber Security Researcher in Microsoft & Bugcrowd | R&D in Smart Contract |