@SpursOfficial #XSS

https://www.openbugbounty.org/incidents/226789/

Notification & Disclosure Timeline

22 April, 2017 at 13:27 GMT – Vulnerability reported via Open Bug Bounty
24 April, 2017 at 04:33 GMT – Vulnerability verified and confirmed
24 April, 2017 at 06:17 GMT – Notification sent to subscribers (without technical details)
26 April, 2017 at 09:32 […]


Everton FC Shop!

Yet another XSS on the Everton FC website. Working in Chrome and Firefox!! Last time I emailed and disclosed an XSS to them, they did not even reply back and say thank you! I will disclose the XSS URL in 30 days. Timeline: Reported to OBB […]


#Quidco Self XSS

Simple DOM XSS this time as I didn't see any values reflected. Simple Payload Used…

#<img src=x onerror=prompt(/OPENBUGBOUNTY/)>

Timeline:
March 18th – DM sent to Quidco
March 30th – Tweeted them https://twitter.com/Random_Robbie/status/847353071449423874
March 30th – Response received https://twitter.com/quidco/status/847400878990532608
Patched at some point without telling […]
