baseballsavant.mlb.com Cross Site Scripting vulnerability OBB-3404729

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

mlb.mlb.com XSS vulnerability

Open Bug Bounty ID: OBB-616242 Description| Value ---|--- Affected Website:| mlb.mlb.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

mlb.mlb.com XSS vulnerability

Open Bug Bounty ID: OBB-361194 Description| Value ---|--- Affected Website:| mlb.mlb.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

mlb.mlb.com XSS vulnerability

Vulnerable URL: http://mlb.mlb.com/mlb/presspass//gamenotes.jsp?cid=mlb";alert/XSSPOSED/// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

m.mlb.com XSS vulnerability

Vulnerable URL: http://m.mlb.com/fantasy/preview/y2017?team=...

m.mlb.com XSS vulnerability

Vulnerable URL: http://m.mlb.com/video/v1283818983/nymmia-darnauds-moonshot-gives-mets-lead-in-16th/?query=x%27%22%3E%3CsvG+onLoad%3Dprompt%2Fopenbugbounty%2F%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 19:19 GMT Vulnerability type:| XSS...

mlb.mlb.com XSS vulnerability

Vulnerable URL: http://mlb.mlb.com/mlb/subscriptions/blackout.jsp?postalCode=1zqjwx Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

mlb.mlb.com XSS vulnerability

Vulnerable URL: http://mlb.mlb.com/mlb/news/wintermeetings/y2007/archive.jsp?day=1%22--%3E%3Csvg/onload=;prompt/OPENBUGBOUNTY/;%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...

mlb.mlb.com XSS vulnerability

Vulnerable URL: http://mlb.mlb.com/mlb/presspass/gamenotes.jsp?cid=mlb";alert/XSSPOSED/// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 7...

m.mlb.com XSS vulnerability

Vulnerable URL: http://m.mlb.com/video/search?query=%22%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 21.11.2017 Latest check for patch:| 21.11.2017 19:02 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank...

mlb.com XSS vulnerability

Open Bug Bounty ID: OBB-51522 Description| Value ---|--- Affected Website:| mlb.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

secure.mlb.com XSS vulnerability

Open Bug Bounty ID: OBB-47267 Description| Value ---|--- Affected Website:| secure.mlb.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat She...