Cross Site Scripting in Hostinger


Cross Site Scripting in Hostinger


Hello Viewers,this is my first write up of Bug Bounty POC. I’ve created this blog to share my Vulnerabilities,bugs and experience with you in the first write up i’ll show you how i found the easy and minor Cross Site Scripting in Hostinger, So Let’s start it.

Hostinger is a free web hosting services provider and domain registrar.


Reproduction Steps :

1- Go to
2- Login to your account
3- Go to my profile and click on edit profile
4- Now change your name and set it to cross site scripting payload (“><img src=x onerror=prompt(2);>).
5- Click save changes and payload will be executed

Screenshot : 

Cross Site Scripting in Hostinger


Cross Site Scripting  in Hostinger :

You may also like...

4 Responses

  1. Nouman says:

    Thanks Monster 1337

  2. charizard says:

    Do you think this thing would affect other users??
    i mean i’am logging in to my account and they payload i see is in my user name….it wont affect if i report this bug to someone would i be given bounty? let mee know about it plz
    thank you

  3. Tyson Samano says:

    My brother suggested I might like this web site. He was once entirely right. This post truly made my day. You can not consider simply how a lot time I had spent for this information! Thank you!

Leave a Reply

Your email address will not be published. Required fields are marked *