@blacky_sk

After I’ve read post about XXE in runkeeper, I really wanted to look at runkeeper.com and try to find some bugs. It didn’t take long and I’ve discovered 2 bugs – HTML injection and XSS; both stored.