A few days ago, while browsing the website visualstudio.microsoft.com[1], I performed some tests on that Microsoft subdomain to check for any potential vulnerabilities. After multiple attempts, I was unable to find any security flaws, except for a Self-XSS issue on the second search bar on the download page. To explore further, I fetched the website’s archived links using Archivefinder[2] and discovered another search parameter (q). I tested this parameter using different payloads and various encodings, but all the payloads were sanitized. Continuing my investigation, I tested some payloads on the same parameter on one of their regional sites using different encodings, but all attempts failed. Finally, I tried a double URL-encoded payload on that regional website, which successfully executed a Reflected Cross-Site Scripting (RXSS)[3].
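One common reason a filter stops single-encoded input but passes double-encoded input is that a second decode runs after the filter. The sketch below is an added example, not code from the post or from the affected site, whose server-side logic is not known; the function names and the sample value (a harmless bold tag) are constructed.

```javascript
// Added illustration. All names and the sample value are constructed.
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => `&#${c.charCodeAt(0)};`);

// Assumed weak pattern: the filter runs on the once-decoded value,
// then a later layer decodes again before the value reaches the page.
function renderWeak(rawQ) {
  const once = decodeURIComponent(rawQ);        // normal transport decode
  const filtered = once.replace(/[<>"']/g, ''); // sees only %3C..., strips nothing
  const twice = decodeURIComponent(filtered);   // second decode after the filter
  return `<p>Results for ${twice}</p>`;
}

// Decode until the value stops changing (bounded) and count the rounds.
function canonicalize(rawQ, maxRounds = 3) {
  let cur = rawQ;
  let rounds = 0;
  while (rounds < maxRounds) {
    let next;
    try {
      next = decodeURIComponent(cur);
    } catch {
      break; // a literal '%' is left: nothing more to decode
    }
    if (next === cur) break;
    cur = next;
    rounds++;
  }
  return { value: cur, rounds };
}

// Hardened pattern: no decoding after validation, HTML-escape at the sink,
// and flag multiply-encoded input so it can be logged or rejected.
function renderHardened(rawQ) {
  const { value, rounds } = canonicalize(rawQ);
  return {
    html: `<p>Results for ${escapeHtml(value)}</p>`,
    multiEncoded: rounds > 1,
  };
}

// Constructed sample: "<b>x</b>" URL-encoded once and twice.
const SINGLE = '%3Cb%3Ex%3C%2Fb%3E';
const DOUBLE = '%253Cb%253Ex%253C%252Fb%253E';
console.log(renderWeak(SINGLE));     // markup characters stripped by the filter
console.log(renderWeak(DOUBLE));     // markup survives: filter ran too early
console.log(renderHardened(DOUBLE)); // escaped at output and flagged
```

The `multiEncoded` flag is also a useful detection signal: ordinary search traffic rarely needs more than one decode round.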
Below are some of the steps I tried while finding this vulnerability: