Fixed XSS vulnerability at www.panerabread.com

2009-06-20T00:00:00
ID XSSED:61896
Type xssed
Reporter Rugburn
Modified 2012-03-31T00:00:00

Description

Security researcher Rugburn, has submitted on 20/06/2009 a cross-site-scripting (XSS) vulnerability affecting www.panerabread.com, which at the time of submission ranked 10015 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 31/03/2012. It is currently fixed.

Vulnerable URL: http://www.panerabread.com/cafes/results.php?NAV=1&state=&zip="><script>alert("XSS Found ByRugburn")</script>