Hi, I have found Reflected XSS in Search bar. I wanna know is it valid?
If it’s designed in a way that you can send somebody a link and it executes when they click it, then it is valid. If the only way you have to exploit it is by typing the payload in yourself, then it is not valid.
Thank You for your reply