4 matches found
Mail.ru: [self?] XSS в адресе пользователя [sbermarket.ru]
Stored self-XSS via delivery address in sbermarket.ru i die ███████████████████████████ ███████▀▀▀░░░░░░░▀▀▀███████ ████▀░░░░░░░░░░░░░░░░░▀████ ███│░░░░░░░░░░░░░░░░░░░│███ ██▌│░░░░░░░░░░░░░░░░░░░│▐██ ██░└┐░░░░░░░░░░░░░░░░░┌┘░██ ██░░└┐░░░░░░░░░░░░░░░┌┘░░██ ██░░┌┘▄▄▄▄▄░░░░░▄▄▄▄▄└┐░░██...
Mail.ru: Reflected XSS in "keywords" parameter at "https://sbermarket.ru/metro/search"
Reflected XSS via GET parameter in sbermarket.ru...
Mail.ru: Users information leak at sbermarket.ru
sbermarket.ru application could disclosure personal information from another request due to invalid caching settings...
Mail.ru: Web cache information leakage at sbermarket.ru
Due to invalid caching settings, attacker could obtain profile related data from the web cache by forcing victim to request vulnerable endpoint...