From c6a7954f468d4cab9734b1e45756e26f7ed3e167 Mon Sep 17 00:00:00 2001 From: jdgregson Date: Sat, 2 Jan 2021 00:32:58 -0800 Subject: [PATCH] Typo fixes --- xfinity/xb3-authenticated-reflected-xss/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xfinity/xb3-authenticated-reflected-xss/README.md b/xfinity/xb3-authenticated-reflected-xss/README.md index 1e38280..35dd382 100644 --- a/xfinity/xb3-authenticated-reflected-xss/README.md +++ b/xfinity/xb3-authenticated-reflected-xss/README.md @@ -1,12 +1,12 @@ # Xfinity Gateway XB3 - Authenticated Reflected XSS -The administrative interface of Xfinity Gateway model XB3 (and possibly others) will execute arbitrary JavaScript if sent a specially crafted POST request by an a logged in administrator. +The administrative interface of Xfinity Gateway model XB3 (and possibly others) will execute arbitrary JavaScript if sent a specially crafted POST request by a logged in administrator. ## Details The `/wizard_step2.php` page takes a POST parameter `userPassword` and unsafely echoes it to JavaScript on the page: var newPassword = ''; -Arbitrary JavaScript can be executed if the following payload is sent in the `userPassword` POST parameter: +Arbitrary JavaScript can be executed if the following payload is sent to the page in the `userPassword` POST parameter: ';}alert(1);function foo() {var foo = '
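Review bot: In the first changed line of the README.md hunk, "by a logged in administrator" still needs a hyphen in the compound modifier; suggest "by a logged-in administrator". The second changed line adds "to the page", which is a wording clarification rather than a typo, so a subject such as "Typo and wording fixes" would describe the commit more accurately. While this section is being touched, the context line `var newPassword = '';` does not mark where the `userPassword` value is echoed, so the snippet alone does not show why the payload begins with `';`; indicating the insertion point between the quotes would make the Details section easier to follow.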