oauth2.razerzone.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-621310 Description| Value ---|--- Affected Website:| oauth2.razerzone.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

Razer US: POST XSS in careers.razerzone.com via the txt_email parameter.

The researcher discovered a POST based XSS on an administrative login page on our careers.razerzone.com website that would have allowed the execution of scripts in some browsers e.g. Firefox. This was fixed on 1/5. Another great report. We'd also like to acknowledge the researcher's effort in...

support.razerzone.com XSS vulnerability

Vulnerable URL: http://support.razerzone.com/ Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description| Value ---|---...

Razer US: Reflected XSS on the https://deals.razerzone.com/json/translation endpoint

Thanks to SP1D3RS for the great report and working with the team on this one. This was a trivial POST-XSS, caused by using text/html Content-Type on the JSON endpoint, and ability to control the part of the response using unsanitized input. Why I disclosed it if this is a trivial issue? I pretty...

store.razerzone.com Open Redirect vulnerability

Vulnerable URL: http://store.razerzone.com/store/razereu/esES/RedirectToLandingPage/pgm.95708900?landingpage=http%3A%2F%2Fwww.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown /...