##############################################################
#  Title :  bigkaka.com Stored Cross Site Scripting Vulnerability [ self xss ]
#  Author : Dj3Bb4rAn0n ( bassem ) FB/djebbar.bassem.16 
#  Date : 28/05/2019
#  Home : Annaba ( Algeria )
#  Tested on : Linux ( Backbox )
##############################################################

# Bac 2020 nchaleh faha -_- 

# PoC

  All input fields are vulnerable to XSS  :V :V

[ * ]  Register as a user, then log in to your account

[ * ]  Go to My Profile and inject this payload "><script>alert("own3d by by bassem");</script>  into the first name and last name input fields; both are vulnerable

 And finally the alert box will pop up as usual

[ + ]  Try to refresh your profile page and the alert box will pop up every time you do

[ + ]  Impact : in this situation this vulnerability is not at all dangerous because it will only affect the same user that logged in with the same password
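
Added example, not part of the original advisory and not the site's code: the payload above rendered into a form field without and with output encoding. It assumes the profile page echoes the stored name into an <input value="..."> attribute; the function and field names are hypothetical.

```javascript
// Added example (not the site's code). Assumption: the profile form echoes
// the stored name back into an <input value="..."> attribute.

// Constructed sample: the payload from the PoC above, as stored in the profile.
const storedFirstName = '"><script>alert("own3d by by bassem");</script>';

// Vulnerable rendering: the stored value is concatenated straight into the
// attribute, so the leading "> closes value="..." and the tag itself.
function renderFieldUnsafe(name, value) {
  return '<input type="text" name="' + name + '" value="' + value + '">';
}

// Encode the five characters that can end an attribute value or open a tag.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened rendering: every dynamic value is encoded at output time.
function renderFieldSafe(name, value) {
  return '<input type="text" name="' + escapeHtml(name) +
         '" value="' + escapeHtml(value) + '">';
}

// Crude demo check: does the markup contain a live <script> start tag?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Input-side check for name fields (defence in depth, not a substitute
// for output encoding): letters, combining marks, space, ' . - only.
function isPlausibleName(value) {
  return /^[\p{L}\p{M}' .-]{1,64}$/u.test(value);
}

console.log(renderFieldUnsafe('first_name', storedFirstName));
console.log(renderFieldSafe('first_name', storedFirstName));
```
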

 If anything is wrong above, please excuse me, I'm a newbie + my grammar is so bad, sorry guys

------------------------------------------------------------------------------------------------------------------------

sh00tz to : My  Pc 

-------------------------------------------------------------------------------------------------------------------------