Data is read from document.cookie and passed to JSON.parse.
The following value was injected into the source:
u13lelbybs%2527%2522`'"/u13lelbybs/><u13lelbybs/\>mn5iukno02&
The previous value reached the sink as:
u13lelbybs%27%22`'"/u13lelbybs/><u13lelbybs/\>mn5iukno02&
The stack trace at the source was:
at HTMLDocument.Ca.a.BurpDOMInvader.a.BurpDOMInvader.invaded.Object.defineProperty.get (<anonymous>:1:93358)
at Object.getItem (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:130692)
at n (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:153410)
at i (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:154233)
at Object.y [as init] (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:155440)
at HTMLDocument.<anonymous> (https://www.euromonitor.com/my-account:1312:555)
at i (https://code.jquery.com/jquery-2.2.3.min.js:2:27151)
at Object.fireWith [as resolveWith] (https://code.jquery.com/jquery-2.2.3.min.js:2:27914)
at Function.ready (https://code.jquery.com/jquery-2.2.3.min.js:2:29707)
at HTMLDocument.J (https://code.jquery.com/jquery-2.2.3.min.js:2:29892)
The stack trace at the sink was:
at JSON.<anonymous> (<anonymous>:1:73420)
at n (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:153426)
at i (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:154233)
at Object.y [as init] (https://www.euromonitor.com/bundles/master-page?v=ZscfcPceSNpardwV2vuJmu2hr4KTSVcwhJA5nm0qp0I1:1:155440)
at HTMLDocument.<anonymous> (https://www.euromonitor.com/my-account:1312:555)
at i (https://code.jquery.com/jquery-2.2.3.min.js:2:27151)
at Object.fireWith [as resolveWith] (https://code.jquery.com/jquery-2.2.3.min.js:2:27914)
at Function.ready (https://code.jquery.com/jquery-2.2.3.min.js:2:29707)
at HTMLDocument.J (https://code.jquery.com/jquery-2.2.3.min.js:2:29892)
The XSS was triggered by a DOMContentLoaded event.