reflected cross-site scripting (XSS) vulnerability affects the Zomato mobile application,
Posted: Tue Oct 29, 2024 4:24 pm
The issue **"Reflected XSS in Zomato Mobile - category parameter"** involves a vulnerability where attackers can manipulate the category parameter to inject malicious scripts into the Zomato mobile app. When users access the manipulated links, the injected scripts execute in their browsers, potentially compromising their data or redirecting them to harmful sites, highlighting the need for robust input validation.
https://hackerone.com/reports/230119
https://hackerone.com/reports/230119