$900 Blind XSS

Bug Bounty

Hello Guys!, This is my First Ever writeup. Today i will tell you about my First Bug Bounty Earning.

It was a Blind XSS ( Blind XSS are awesome 🔥 )

First I went to Bugcrowd and start finding a good program for me.
At that time i thought why not choose the old program because there are many hunters hunting on newly added programs.

so i went to and click Last >> Then i select a program that have *.target.tld

I open homepage ( and start looking for keywords like Contact Us, Customer Support, Help
I found get a demo button, I clicked and found that there is a form for demo slot booking.

I paste my xsshunter's basic payload on every input i see.
after 10 to 15 hours, I got a mail from xsshunter, I receive multiple fires from
I report immediately and tell them that some of your booking form inputs are not sanitized and vulnerable to blind xss.
I showed them PoC, IPs, etc. details

After 4 Days, they Triaged with P2 severity
i was so happy, i can't belive this because the program is one of the oldest program on bugcrowd.

After 2 Days they rewarded me with $900 and 20 Points

I got mad that day, words can't describe that feeling.
Special Thank to all my Mentors @thecyberzeel @AnubhavSingh_ @IAmMandatory and Bugcrowd

Here is the Tip : Programs add new features time to time and these are mostly vulnerable, so work on old programs too.

[19 Jun 2021] : Bug Submitted
[23 Jun 2021] : Accepted and Triaged as P2
[25 Jun 2021] : Rewarded $900
[23 Dec 2021] : Resolved