Real World Bug HackerOne #1818163 — Equifax — Reflected XSS in JS Context — Medium (5.6)

How can we help you?

Search our Help Center for answers to common questions

Enter a search term above

Try searching for "credit freeze", "dispute", or "credit score"

Real World Lab — What to Find

This page simulates the Equifax Help Center search endpoint vulnerable to reflected XSS. The ?search= parameter appears to be correctly handled in the HTML output — but look deeper. View the page source and search for your input. You will find it reflected a second time, inside a <script> block within a JavaScript analytics call.

Your goal: trigger alert() without using any HTML tags. You need to escape a JavaScript string, not HTML.
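To make the "looks fine in HTML, breaks in JavaScript" point concrete, here is an added example (not code from the lab or from the original report) of the two encoding contexts side by side, with a parser-based regression check a defender can run against rendered markup. The `analytics.track` call, the template shape and the search term are hypothetical.

```javascript
// Added example (not the lab's or the report's code): why HTML-escaping a search
// term does not protect it inside a <script> string literal, and how to encode it
// for that context. analytics.track and the template shape are hypothetical.

// A typical HTML escaper: adequate for element content, not for a JS string.
function htmlEscape(s) {
  return String(s).replace(/&/g, "&amp;").replace(/</g, "&lt;")
    .replace(/>/g, "&gt;").replace(/"/g, "&quot;");
}

// Encoder for a JS-in-HTML context: JSON.stringify yields a complete string
// literal (quotes and backslashes escaped); the extra replacements keep the HTML
// parser from seeing "</script" or an entity inside the block, and neutralise the
// U+2028/U+2029 line terminators that JSON allows but older JS engines reject.
function jsStringLiteral(s) {
  return JSON.stringify(String(s))
    .replace(/</g, "\\u003c").replace(/>/g, "\\u003e").replace(/&/g, "\\u0026")
    .replace(/\u2028/g, "\\u2028").replace(/\u2029/g, "\\u2029");
}

// Vulnerable pattern: the HTML-escaped term is spliced between JS quotes. HTML
// escaping never touches the single quote, so the term can end the literal early.
function renderAnalyticsVulnerable(term) {
  return `<script>analytics.track("search", {q: '${htmlEscape(term)}'});</script>`;
}

// Hardened pattern: the term is emitted as a whole literal, never inside quotes.
function renderAnalyticsSafe(term) {
  return `<script>analytics.track("search", {q: ${jsStringLiteral(term)}});</script>`;
}

// Regression check for CI: extract the inline script from the rendered markup and
// ask the JS parser whether it is still one well-formed statement. new Function
// only parses the body here; nothing in it is executed.
function inlineScriptParses(markup) {
  const m = /<script>([\s\S]*?)<\/script>/.exec(markup);
  if (!m) return false;
  try { new Function(m[1]); return true; } catch { return false; }
}

// Constructed benign input: an ordinary apostrophe is enough to expose the bug.
const constructedTerm = "O'Brien credit freeze";
console.log("vulnerable parses:", inlineScriptParses(renderAnalyticsVulnerable(constructedTerm))); // false
console.log("hardened parses:", inlineScriptParses(renderAnalyticsSafe(constructedTerm)));         // true
```

A term without a quote parses fine in the vulnerable template too, which is exactly why the endpoint "appears to be correctly handled" until the source is inspected.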

Platform: HackerOne
Report: #1818163
Target: Equifax (equifax.com)
Severity: Medium (5.6)
Researcher: abdoubouanik
Status: Resolved (2023)