The theme did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue
https://smartdata.tonytemplates.com/car-repair-service-v4/car1/estimateresult/result?s=&serviceestimatekey=<img+src%3Dx+onerror%3Dalert(`m0ze`)%3B>
m0ze
m0ze
Yes
2021-05-17 (about 1 years ago)
2021-05-17 (about 1 years ago)
2021-05-18 (about 1 years ago)