microsoft bug bounty writeup

Microsoft Bug Bounty Writeup – Stored XSS Vulnerability

This blog is about the write up on Microsoft on how I was able to perform Stored XSS Vulnerability on one of the subdomains of Microsoft.

I performed initial recon on the Microsoft domains and gathered some sub domains.


For recon and especially for subdomain enumeration – I use tools such as Knock, Subrake, Sublist3r, Amass, etc.

Never rely on a single tool for recon as you may miss out your targets.

I gathered all the possible enumerated sub domains and picked some targets to test.

I picked (domain discontinued) for testing and started the recon process for the target.

Interestingly there was a signup and I registered to perform tests for privilege escalation and other issues.

I came across a scenario where the user defined inputs are being stored on the target as this is basically a story publishing platform.

I found an option where users can share their stories. So I tried XSS Vulnerability on those input fields.

microsoft bug bounty writeup

I used a simple XSS payload and added a story.

On the next screen is a popup for my XSS payload and it is a Stored XSS Vulnerability on the Microsoft portal.

Microsoft XSS

After reporting this vulnerability to Microsoft I have been acknowledged in their Hall of Fame.

It wasn’t a very hard bug to find, maybe I found the right target at the right time.

Thank you!

You may like

Paypal Bug Bounty writeup

How I made to Paypal Bug Bounty $750

Hey Guys, This blog is all about how I made to PayPal Bounty $750 with simple bug as Open Redirect ...
Read More
BMW Bug Bounty Writeup

BMW Bug Bounty – Account Verification Bypass writeup

It all started with the BMW Security Experts Acknowledgment page, missing my name and I decided to give it a ...
Read More