Sitemap
Open in app

Sign in

Medium Logo
Write
Search

Sign in

LegionHunters

LegionHunters

Top quality vulnerability writeups

XSS at U.S. Department of Education

Program silently fixed the vulnerability

2 min readJun 27, 2025
Press enter or click to view image in full size

🆓 Free Link (For Non-Members)

Report Date: Aug 16,2024

Vulnerability Type: RXSS

Vulnerability Status: Fixed but no certificate

According to the disclosure policy, we can’t share vulnerability details for 90 calendar days after receiving an acknowledgement, now it’s been 1 year and they failed to recognize my efforts. So I am sharing complete details as they silently fixed the vulnerability.

Where others are acknowledged with cool certs, mine got vanished in the air after the patch

Proof of Submission via Gmail

Press enter or click to view image in full size
Press enter or click to view image in full size

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app
Or, continue in mobile web
Already have an account? Sign in
LegionHunters

Published in LegionHunters

782 followers
Last published 23 hours ago

Top quality vulnerability writeups

Abhirup Konwar

Written by Abhirup Konwar

8.5K followers
1.5K following

Security is a myth!

Responses (2)

Write a response

What are your thoughts?

Author

Jun 27

https://medium.com/@abhirupkonwar04/xss-at-u-s-department-of-education-771bf5b0a003?sk=51b83c9ccfb810b94cd56a5d92b4eb4f

Aug 30

Seeing you after a long time hope you are doing good bro already your all content are fire you never disappoint anyone cool man

More from Abhirup Konwar and LegionHunters

See all from Abhirup Konwar
See all from LegionHunters

Recommended from Medium

See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech