Insulet Corporation: DOM XSS on www.omnipod.com/freedom/birthdate-confirmation and www.omnipod.com/pif/thanks-freedom
The DOM-based XSS vulnerability was found on the www.omnipod.com/freedom/birthdate-confirmation and www.omnipod.com/pif/thanks-freedom pages. The vulnerability was triggered by crafting a URL with malicious code in the query parameters, which was then executed by the vulnerable script on the page...