Hello all 
today i’m going to write about an interesting vulnerability i’ve found in Square’s Acquisition website bookfresh.com that was escalated to remote code execution.
the story started when i saw that Bookfresh became a part of Square bug bounty program at Hackerone.
i decided to take a look at and start finding some vulnerabilities . i’ve found that the website is vulnerable to many XSS but i was looking for something bigger like Sql Injection or RCE.