First Bug Bounty Win

I wanted to let you know how I helped secure XVIDEOS.com.

After spending time enumerating the site, I quickly saw some text was reflected from the search field on the main website.

There was a hidden field that held a lot of JSON data. I was able to break the main page rendering with a very old payload.

The payload in question was