Skip to content

Microsoft Security Hall of Fame: Reflective XSS Vulnerability

In 2013, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on a subdomain belonging to Microsoft.

Daniel Kelley
Daniel Kelley
Microsoft Security Hall of Fame: Reflective XSS Vulnerability

Table of Contents

In 2013, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on a subdomain belonging to https://www.microsoft.com/.

bug bounty hunting
Daniel Kelley

Daniel Kelley Twitter

I'm a reformed black hat computer hacker that has contributed to over 100 bug bounty programs.

Comments

Related Posts

Members Public

Open Bug Bounty: 3048 Patched Vulnerabilities

Over a 36 month period, I helped remediate 3048 vulnerabilities through Open Bug Bounty.

Open Bug Bounty: 3048 Patched Vulnerabilities
Members Public

BBC Security Hall of Fame: Reflective XSS Vulnerability

In 2018, I discovered a GET-based reflective cross-site-scripting (XSS) vulnerability on the homepage of the BBC.

BBC Security Hall of Fame: Reflective XSS Vulnerability
Members Public

University of Twente Security Hall of Fame: Remote Command Execution (RCE)

In 2018, I discovered a remote command execution (RCE) vulnerability on University of Twente's website.

University of Twente Security Hall of Fame: Remote Command Execution (RCE)