secure2.store.apple.com XSS vulnerability

2015-08-12T22:32:00
ID OBB:78490
Type openbugbounty
Reporter SecBit
Modified 2015-08-12T22:35:00

Description

Vulnerable URL:
https://secure2.store.apple.com/shop/button_availability?cs=my+account&seg;=consumer&css;=signin&od;=false&pg;=AOS%3A+OLSS%3A+OS%3A+Login+Order+Lookup587c6ab628
Details:

Description| Value
---|---
Patched:| Yes, at 09.12.2015
Latest check for patch:| 09.12.2015 07:00 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check secure2.store.apple.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 12 August, 2015 22:32 GMT
Vulnerability existence verified and confirmed| 12 August, 2015 22:35 GMT