How I found XSS via SSRF vulnerability -Adesh Kolte


This is Adesh Nandkishor Kolte

First Read This Articles

After reading both articles I figure out new way to carry out the XSS attack ,discovered that due to an outdated Jira instance, I was able to exploit an SSRF vulnerability in Jira and was able to perform several actions such as bypass any firewall/protection solutions and etc

so i just tried some basics tricks with google for finding the web apps which used jira integration

got web europa

so i quickly visited


And Boom i got the google page and i m like

i had uploaded xss script on my own Server

and pasted it at the place of

then i found many webs vulnerable for it

Motorola Solution

Cambridge University Press

Stanford University

Thanks for reading

Listed in Top 100 most respected hackers in the world by Microsoft at the BlackHat conference in America 2018

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store