Eurostar Accused Researchers of Blackmail for Reporting AI Chatbot Flaws

Researchers discovered critical flaws in Eurostar’s AI chatbot including prompt injection, HTML injection, guardrail bypass, and unverified chat IDs - Eurostar later accused them of blackmail...

MAL-2025-27830 Malicious code in npm-eurostar-libs (npm)

The package npm-eurostar-libs was found to contain malicious code...

Malicious code in npm-eurostar-libs (npm)

The package npm-eurostar-libs was found to contain malicious code...

eurostar-marine.com Improper Access Control vulnerability OBB-3799080

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

help.eurostar.com XSS vulnerability

Vulnerable URL: https://help.eurostar.com/faq?language=%3C/SCript%3E%3CsvG/onLoad=prompt9%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure...

eurostar-touristik.de XSS vulnerability

Vulnerable URL: https://www.eurostar-touristik.de/suche/?pmfulltext=/%22%E2%80%93!%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E%22 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 153961...

help.eurostar.com XSS vulnerability

Vulnerable URL: https://help.eurostar.com/email?lang='-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| Yes, at 03.11.2017 Latest check for patch:| 03.11.2017 16:59 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP...

Eurostar TV - Dynamic Code Loading, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application Eurostar TV published at the 'play' market has multiple vulnerabilities...

Unfixed XSS vulnerability at www.eurostarjewelry.com

Security researcher Vagrant, has submitted on 18/03/2007 a cross-site-scripting XSS vulnerability affecting www.eurostarjewelry.com, which at the time of submission ranked 333098 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/03/2007. It is...