How i Found Store XSS on BitPay

How i Found Store XSS on BitPay

Hello Guys, This is Hamid Ashraf Today I am sharing with u how I found store xss on bitpay.


login id
Go Hosted Catalog Item
page down Go Collect Buyer’s Information click on Add Custom Field
add the xss payload
here`s the xss payload


now click on save changes
now click on test link
open new tab when link is open click on bitcoin checkout now button
xss alert

POC Video

hope you enjoyed! If you have any kind of question please don’t hesitate to ask me, either way here or via email at


Add a Comment

Your email address will not be published. Required fields are marked *