Reflected XSS - Login Email
TaintedPort
Vuln ID
TP-006
Title
Reflected XSS - Login Email
Severity
medium
Type
XSS
HTTP Method
POST
URL
/auth/login
Parameter
email
Filename
-
Code Location
backend/api/controllers/AuthController.php line 72; frontend/app/login/page.js line 90
Description
On failed login, the server echoes the submitted email address back inside the error message without HTML encoding. The frontend then injects that message into the DOM with dangerouslySetInnerHTML, so any markup in the email field is parsed and executed in the user's browser.
Proof of Concept
email = <script>alert(1)</script>
Remediation
Server-side: HTML-encode the email with htmlspecialchars() (ENT_QUOTES) before it is placed in the error message. Client-side: render the message as text (for example `{message}` in JSX) instead of dangerouslySetInnerHTML.
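Added example (not TaintedPort's own code) modelling the TP-006 error path in plain JavaScript: encodeHtml() mirrors PHP htmlspecialchars() with ENT_QUOTES, and the vulnerable and hardened message builders are checked against the proof-of-concept payload above. Function names and the message wording are assumptions.

```javascript
// Model of the TP-006 login error message (assumed wording, not the
// project's own code). The PoC value from this record is used as input.
const POC_EMAIL = "<script>alert(1)</script>";

// Equivalent of PHP htmlspecialchars($s, ENT_QUOTES): & must be encoded
// first so the entities produced for the other characters are not
// re-encoded.
function encodeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#039;");
}

// Vulnerable builder: the untrusted email is interpolated unencoded,
// which is the defect at AuthController.php line 72.
function loginErrorVulnerable(email) {
  return `Login failed for ${email}`;
}

// Hardened builder: the value is encoded at the point it enters markup.
function loginErrorSafe(email) {
  return `Login failed for ${encodeHtml(email)}`;
}

// Response check a reviewer or test can apply: does the error message
// still carry an unencoded tag opening? (Detects reflection of the
// page's PoC; not a general XSS scanner.)
function containsRawMarkup(message) {
  return /<\s*\/?\s*[a-z]/i.test(message);
}

// Client-side caveat: once the server encodes, a text render such as
//   <p>{message}</p>
// shows the entities literally (&lt;script&gt;...), whereas
//   <p dangerouslySetInnerHTML={{ __html: message }} />
// decodes them back to visible text but re-opens the sink for any
// value that was not encoded. Decide which layer owns the encoding.
function demo() {
  return {
    vulnerable: loginErrorVulnerable(POC_EMAIL),
    safe: loginErrorSafe(POC_EMAIL),
    vulnerableReflects: containsRawMarkup(loginErrorVulnerable(POC_EMAIL)),
    safeReflects: containsRawMarkup(loginErrorSafe(POC_EMAIL)),
  };
}
```

Applying both remediations as written means the encoded message is displayed with literal entities; encoding at the React text boundary alone is enough for the UI, while the server-side encode protects any other consumer of the same error string.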