PetSmart warns customers of credential stuffing attack

Pet retail company PetSmart has emailed customers to alert them to a recent credential stuffing attack. Credential stuffing relies on the re-use of passwords. Take this example: User of Site A uses the same email and password to login to Site B. Site A gets compromised and those login details are...

Unfixed XSS vulnerability at www.petsmart.com

Security researcher C1c4Tr1Z, has submitted on 20/06/2008 a cross-site-scripting XSS vulnerability affecting www.petsmart.com, which at the time of submission ranked 6893 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/06/2008. It is current...