Evernote: Reflected XSS in the shared note view on https://evernote.com

Summary: There is a reflected XSS vulnerability on https://evernote.com, in the shared web note view, triggered through the view and ionUrl parameters of the /shard/sSHARDNUMBER/client/snv endpoint. Description: When a user creates a note and shares it, it is stored in the following endpoint, bei...

evernote.com XSS vulnerability

Vulnerable URL: https://evernote.com/intl/jp/legal/privacy.php?" Details: Description| Value ---|--- Patched:| Yes, at 14.06.2017 Latest check for patch:| 14.06.2017 08:50 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 393 VIP website status:| Yes Check...