Bug Type: Stored | DOM Based and Self Executed XSS Vulnerability
Browser: Chrome, Mozilla, IE etc.
Vulnerable Module: YouTube Editor: https://www.youtube.com/editor
Status: Fixed.
Detailed WriteUp: Hey all 🙂 I sent this XSS vulnerability report to Google in October last year. The vulnerability existed in the YouTube Video Editor module. When you go to the images tab on this editor page, there is a feature to upload images to the editor.
```html
"><img src=x onerror=alert(document.cookie); >.jpg
```
Now when I mouse over the newly uploaded image file, the vector is sent to the dynamically created div element, where it was not sanitized, resulting in the vector firing.
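The pattern described above, shown next to its fix. This is an added example, not code from the original write-up and not YouTube's code. It assumes the hover handler built the div's markup by string concatenation with the uploaded file's name; the function names and the `thumb-tip` class are hypothetical.

```javascript
// Constructed sample input: the vector from the write-up, treated as a file name.
const SAMPLE_NAME = '"><img src=x onerror=alert(document.cookie); >.jpg';

// Hypothetical "before": the file name is concatenated straight into hover markup,
// so a quote or angle bracket in the name changes how the HTML is parsed.
function buildHoverMarkupUnsafe(fileName) {
  return '<div class="thumb-tip" title="' + fileName + '">' + fileName + '</div>';
}

// Encode the five characters that can switch HTML parsing context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hypothetical "after": same markup, with the untrusted value encoded on output.
// In browser code, assigning the name with textContent and setAttribute avoids
// HTML parsing of the value altogether.
function buildHoverMarkupSafe(fileName) {
  const safe = escapeHtml(fileName);
  return '<div class="thumb-tip" title="' + safe + '">' + safe + '</div>';
}

// Rough check for review or unit tests: list the element names that the
// markup would open when parsed as HTML.
function openedTags(markup) {
  return Array.from(markup.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g), (m) => m[1].toLowerCase());
}

console.log(openedTags(buildHoverMarkupUnsafe(SAMPLE_NAME))); // [ 'div', 'img', 'img' ]
console.log(openedTags(buildHoverMarkupSafe(SAMPLE_NAME)));   // [ 'div' ]
```

The unsafe builder yields extra `img` elements from both the attribute and the text position, which is why encoding has to be applied at every place the file name is written out.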
Full details Video POC of the vulnerability:
For this vulnerability I got a nice reward from them. Thanks, Google.