Razer US: Unauthenticated DOM-based XSS in zvault.razerzone.com via the redir parameter.

Summary --- zvault.razerzone.com is vulnerable to DOM-based XSS via the redir parameter. F219081 F219082 Affected Code --- js var redirectUrl = getUrlParameter'redir'; if isCrossOriginFrame window.location.href = redirectUrl; else window.parent.location.href = redirectUrl; Browsers Verified In --...