grab.com XSS vulnerability

Vulnerable URL: https://www.grab.com/id/wp-includes/js/mediaelement/flashmediaelement.swf?asfunction:getURL,javascript:alert1//", Details: Description| Value ---|--- Patched:| Yes, at 04.01.2018 Latest check for patch:| 04.01.2018 10:35 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

grab.com XSS vulnerability

Vulnerable URL: https://www.grab.com/sg/press/tech-product/grab-create-5-million-micro-entrepreneurs-indonesia-2018/?" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2222 VIP website status:| Yes Check grab.com...

Grab: [parcel.grab.com] DOM XSS at /assets/bower_components/lodash/perf/

Summary: DOM Based XSS or as it is called in some texts, “type-0 XSS” is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner...

Grab: Dom based xss affecting all pages from https://www.grab.com/.

Hello, there's a dom based xss vulnerability affecting all pages under the domain https://www.grab.com/. This vulnerability wasn't properly patched so I managed to bypass the regular expressioned that was added into the function. Vulnerable code: var stripHtml = function var div =...

grab.com XSS vulnerability

Vulnerable URL: http://www.grab.com/my/driver/hitch/?=" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 4250 VIP website status:| Yes Check grab.com SSL connection:| Grade: A+ Coordinated Disclosure Timeline:...