Starbucks: Reflected DOM XSS on www.starbucks.co.uk

Summary: www.starbucks.co.uk is vulnerable to reflected DOM XSS due to 2 seemingly unexploitable issues. The first issue is unfixed for over a year now, 252908, the second issue originates in a 3rd party module called prettyPhoto. Description: Visiting the following link results in a JavaScript...

Unfixed XSS vulnerability at www.tickco.com

Security researcher mckt, has submitted on 06/08/2008 a cross-site-scripting XSS vulnerability affecting www.tickco.com, which at the time of submission ranked 29940 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/08/2008. It is currently...