ancestry.com Cross Site Scripting vulnerability OBB-2880154

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ancestry.com Cross Site Scripting vulnerability OBB-2731236

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Leak Exposes Private Data of Genealogy Service Users

A server containing information of users of a genealogy service has exposed the data of 60,000 users, putting them at risk for fraud, phishing and other cybercriminal activity. Research led by Avishai Efrat at WizCase has discovered the leak, which affected an open and unencrypted ElasticSearch...

Software firm leaks 25GB worth of subscription & Ancestry.com user data

By Waqas Here's how Ancestry.com users were implacted. This is a post from HackRead.com Read the original post: Software firm leaks 25GB worth of subscription & Ancestry.com user data...

Ancestry.com’ RootsWeb breach: 300,000 plaintext accounts leaked

By Waqas Another day another data breach, this time it is Ancestry.com, the This is a post from HackRead.com Read the original post: Ancestry.com RootsWeb breach: 300,000 plaintext accounts leaked...

Leaky RootsWeb Server Exposes Some Ancestry.com User Data

Ancestry.com said it closed portions of its community-driven genealogy site RootsWeb as it investigated a leaky server that exposed 300,000 passwords, email addresses and usernames to the public internet. In a statement issued over the weekend, Chief Information Security Officer of Ancestry.com...

ancestry.com XSS vulnerability

Vulnerable URL: https://www.ancestry.com/name-origin?surname=xss%22%3E%3Cimg%20src=x%20onerror=prompt%27openbugbounty%27%3E Details: Description| Value ---|--- Patched:| Yes, at 21.11.2017 Latest check for patch:| 21.11.2017 21:18 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

ancestry.com XSS vulnerability

Vulnerable URL: http://www.ancestry.com/ShareHandler.ashx?retUrl=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTUE9TRUQnKTwvc2NyaXB0Pg== Details: Description| Value ---|--- Patched:| No Latest check for patch:| 17.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

ancestry.com XSS vulnerability

Open Bug Bounty ID: OBB-278741 Description| Value ---|--- Affected Website:| ancestry.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

ancestry.com XSS vulnerability

Vulnerable URL: https://www.ancestry.com/cs/learning/search?s==0 Details: Description| Value ---|--- Patched:| Yes, at 26.03.2017 Latest check for patch:| 26.03.2017 12:45 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 528 Google Pagerank| 7 VIP website status:...

ancestry.com XSS vulnerability

Vulnerable URL: https://www.ancestry.com/academy/search?q=" Details: Description| Value ---|--- Patched:| Yes, at 03.04.2016 Latest check for patch:| 03.04.2016 15:24 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 528 Google Pagerank| 7 VIP website status:| Yes...

sm.ancestry.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-115053 Description| Value ---|--- Affected Website:| sm.ancestry.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...