3 matches found
Mars: █████████ when adding branches to your account
A vulnerability was identified in the branch addition functionality of the Royal Canin specialized channel website. The issue was classified as an Insecure Direct Object Reference IDOR vulnerability, which allowed unauthorized users to add branches to any account by manipulating the customer's...
Mars: RXSS on ████ via configUrl parameter
A Reflected Cross-Site Scripting RXSS vulnerability was reported on the Swagger UI page of the Royal Canin eVet API. The vulnerability was identified in the configUrl parameter of the URL. This security flaw allowed an attacker to inject malicious scripts into the web page, which were then execut...
offer.royalcanin.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-385037 Description| Value ---|--- Affected Website:| offer.royalcanin.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...