Open Bug Bounty ID: OBB-1041874
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:
      a. verified the vulnerability and confirmed its existence;
      b. notified the website operator about its existence.
Affected Website: |
forrun.co |
Open Bug Bounty Program: |
Create your bounty program now. It’s open and free. |
Vulnerable Application: |
Custom Code |
Vulnerability Type: |
XSS (Cross Site Scripting) / CWE-79 |
CVSSv3 Score: |
6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] |
Disclosure Standard: |
Coordinated Disclosure based on ISO 29147 guidelines |
Discovered and Reported by: |
KhanJanny |
Remediation Guide: |
OWASP XSS Prevention Cheat Sheet |
Export Vulnerability Data: |
Bugzilla Vulnerability Data |
JIRA Vulnerability Data [ Configuration ] |
|
Mantis Vulnerability Data |
|
Splunk Vulnerability Data |
|
XML Vulnerability Data [ XSD ] |
|
Vulnerable URL:
![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAABfCAIAAACxwoBIAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAey0lEQVR4nO2df0xU2fXAn8OIwzD8cBhmYQZxQDsaliJaQ9EQw1eNJSwhbKOsoayy1FAkVFlCLVBLKRq0LFIXNywxu4Y11tqNJS4x1DXUbJFlKSI7i7N0HJEFHEeKIwKO7IjA+/5xsze379e8QUZ+eD5/vXvffeeec+55c+a9e997S2iapgAAAADADUjmWgEAAABg0QI5BgAAAHAXkGMAAAAAdwE5BgAAAHAXkGMAAAAAdwE5BgAAAHAX8yLHhIWFffPNN3zFhcgcmrAIvAfMNyCogBkz9znm1q1b09PT69at4ywuRObQhEXgPWC+AUEFvAhOckx/f7+Pjw/nrtHR0WPHjvEVxdPQ0JCcnMxZfPfdd728vD755JMZiJ1DGBa5A75xQV0LjNqMJb8EIY8fP37nnXcCAwO1Wu1vf/vb58+fz7j35cuXz1gNPmYc4ZyI0Q23ITeQabPbkTA4nhmi5vnpubC0XczQgvT19SkUCjG7BFoKExMTc/XqVXbRZrNJJBKDwTA5OTkDsXMIwyJ3wOdt1PWMxwLhcDheQDWanmkwJCcnp6WlWSwWk8kUFxdXWFg44979/f3R9ovbQop9Ea/OQBpuQ25g02axI2FwPJOi5v/pubC0XcTM8b2yBw8emM3m+Ph4dtFut8vl8nXr1nl4eMyhhq7CsGghdr1s2bLZUMc1vv/++87OztOnT2u12jVr1lRVVV28ePHFxc6JLbOFVCrV6/WcGy8NvqBaWKfnwtJ2kSEqx7z//vthYWEBAQFvv/326OgoRVGjo6M6nc5uty9ZsuSTTz4hi1VVVT4+Pu+9995rr722fPnyvXv3fv/993ySGxoaduzYsXTpUkbx0aNHpPynT5/+6le/CgwMXLFixR//+MepqSnqh2vhY8eOBQYGBgcHf/zxx3w1uDvGXZQTJ06EhYUtX778F7/4BbKLzdTUVFFR0Wuvvebt7b1r165Hjx5RFMWpD8ME1AWnH27cuLFp0yYvL6/AwMBdu3bdv39fWJ9nz5798pe/9PHxWbly5R/+8AeyOwFnYvi0ffDgwRtvvOHj4xMWFnbixAnG/SUxLhKwkeIKG4FDvLy87t275+3tjZr19PRoNBr2gPJ54/79+z/72c98fHzWrFlz/vx5si9yW4wozkFnBDyn/ynW/RlGvDF6d4pWq7158yZj49///reYY/n4/PPPXWrAGVTk6YnOd7ZpwkHu7e391ltvPXr06De/+U1gYGBAQMA777zz9OlTdCzfuLiqvHhtAffhPMfY7XaDwdDa2tre3m61WgsLCymK8vPzM5lMCoXC4XCkp6eTxTfffNNut7e3t3d0dHR0dHR2dlZUVPAJ55uMCQgIIOUfOHDAarV2dnZeuXKloaGhpqYG62YymYxGY11dXVxcHGeNgF1dXV3IroGBgeLiYs5mFRUVTU1NTU1NZrNZo9F0d3dTFMWnD8MiPj90dnZmZWUNDg4ajcaQkJDc3FxhfcrKysbHx7u6uq5cudLc3FxbWyvGmRg+bXNzcz09PXt6epqams6ePTszF/HZyBk2wodgbt++XVBQUFlZSXENKKc3cnNzfX19u7u7GxsbcY5hqypGFMU16IyA55QvjHBkBrKYQRdiyMjI2LZtG8pYDG7cuLFt27aMjAyykjOoyNMTne9s0/iC3GAwtLS0GAwGq9W6du1am83W1dXV1tbW19eHA4xvXFxVXry2gBsRvpXW19dHUdTY2Bgqtra2hoeH412c8zHokIGBAVRfX1+/ceNGtD0wMKDT6fAhdrtdoVAMDw9zFrHAyclJhULR29uL6hsaGmJjY3FHuD1fDUNJdDubYVdLSwu2i4Fare7s7CRr+PRhmCDgB5Kenp6goCBhfVQqld1uR9sGgyEmJoZ9k53RNd7Lp+3k5KRMJsP19fX12DPkOAq7iM9G4bARdovFYgkPD79w4QLNNaCc3kC2kDIZtogXhbbZg067OIOCi2S8CUSmhYVwR+JhdGS328vLy5VKZWpqqtlsRpVmszk1NVWpVJaXl2OH0PynJM2KE4ZjGZBBPjIygipbWlokEsn4+Dgqtra2rl69Gm3zjYtLys9YW2B2kTpNQgqFAl/+azSa4eFhp4fIZLIVK1ag7bVr1w4MDODDW1tbcbOrV6/GxMTgdTKMImZoaGhiYiIsLAwLRIGCdGO0Z9eIsSskJITTrtHR0eHh4aioKJH6MEzg88PXX3996NCh7u7uiYmJ6enp6elpAX0eP35ss9l0Oh0qTk9PS6Uco+aq94aGhqanp8n6mbmIz0aBsOE7BLFz5868vLy33noLyyGN4vTG0NAQRVGkTLaeIkVRPIP+4ghHplardVUgea3z8OFDgUoSb2/voqKi7OzszMzMiIgItHgvIiIiKSmpt7fXz8+PbMwXVAw4TeMLctxFSEiIr6+vl5cXKmo0GpvNRgkGvEvKu6Qt4D6c55hZxMPDIzg4GBcFVi3PK8TPE4o0ISUlZd++fbW1tTKZzGKxJCQkCDR2OBwSiaSjowOfaRKJZGJiYmZdz3MePHjQ1dX11Vdf8TXg9MbM+hIW9ZInh9k3xzgzBInBYBBZyeDu3bslJSXNzc1lZWWopqysrLKyMicnp6ysbNWqVbjliwSVS0FOIjwu4pUH5gluWVfmcDju3buHts1mc2hoKLvN1NTU5cuXcQQziiRqtdrT0/O7775DRZPJhP/jOEWpVI6Pjz958gQVLRaLK3ZQfn5+SqWS8YQznz5sEzj98PDhQ6vV+vvf/37VqlVarVYmkwnrEBwcLJfLh4eHtT9A5mnEDLynVqslEkl/fz+uF+EPDsSMtfhD1Gq10WgUOJbTG2q1mqIoUqYYzfkcyznoIplxvBlYOD1ESyBQuXLlSqwPRVH79++Pjo4OCgoym81FRUWosqioyGw2q9Xq6Ojo/fv3o0qBoHKKq0FOIhDw4pUH5g8zzzEqlcrhcNy5c4ezmJ+ff//+/W+//ba0tDQpKQkf9ezZM7TR2toaFBSE79UwiiQeHh67d+/Oy8u7d+8eEpiWliZSSR8fn40bN+bn5//3v/+9c+cOOfMsAFaSoqi8vLysrKxbt27dv3//17/+9fXr1/n04TSB7YfAwEClUvnhhx+Ojo7euXOntLTUqT7p6ek5OTnffvvtgwcP3nvvvSNHjiiVSofDcfv2bbTkhtE1uZdPWw8Pj6SkpLy8vP7+flQvzqNM/3Da6BS+Qzw8PDQajave8PDwSEhIIGWKNIQtCtWzB51iRTgn4uONMYJaFiJNEAM5Xna73Wg0njhxIiAggGwTEBDw5z//2Wg02u12VCNwSjplBkFOwjcu4pUH5hHC0zV8c5iI0tJSuVxeV1dHFk+cOKFQKI4fP65Wq/39/ffs2YOn9UhpBQUFxcXFWBSjyGhst9uzsrJUKlVISEhpaSl6kIo9B8s5K9vT07N161aFQhEREVFdXc2eDWbYxdg1OTl56NAhlUolk8lSUlJsNhufPgwTkBxOPzQ3N2/cuFEmkwUFBeXn5/v7+wv72eFw5OXlhYSEyOXyxMRENFFfWFiInc/2HrmXU1uapgcHB5OSkhQKhU6nO378OHvOn2/6mjGVyrbRqXs53cI2nHNAOb1hsVh27NihUCj0en1lZSWfqmJE8Q06zQp4TsTEG3uM3MeMn8EUPiX54gTjapAznpzlHBeXcElbwH04yTEzQOQo6vX6trY2vuJChGHCy4zmF/eeyWRSq9WuHjUDG+EkXygsglMSmA+81Dl/ktu3bwsUFyJzaMKLd20wGMLDw2dFGWBxsAhOSWA+MGc5Bphzjhw5otFokpOTe3t7i4uLS0pK5lqjBQPfM5K9vb2z+BZOAFgEQI55dYmPj8/Ly8vJyQkNDT1w4MDevXvnWqMFA9+6L0gwAMBgCU3Tc60DAAAAsDiZ+2+UAQAAAIsVyDEAAACAu3CeY9zxjm4AAADgVcB5jnHHO7oBAACAVwHX5vzv3r0bFxfX1tam0+lGRkbQi06//PLLLVu22O129ArVr776as+ePeiVG4GBgX19fejDU998801WVtYLfmEJAAAAWEA4X7vsjnd0AwAAAK8Czn/03fSObgAAAGDR4yTH4Hd0oyK6QBEJfkf3+vXrZ64gAAAAsGBxcmHhpnd0AwAAAK8Czm9eXbx48cyZM0FBQVu2bHH1tYknT56MjY1NSEhYvXr1F198kZ6ePlM9AQAAgIUHvEsGAAAAcBcwCQ8AAAC4CxdyTFhY2Mw+cr4oAW8ACx2I4bnlFfG/2Bxz69at6enpdevWuVWbhQJ4A1joQAzPLa+O/8XmmIaGhuTkZIqinjx5cvDgwZUrV3p5ea1Zs+ZPf/qTq28h6+/vX/IDS5cu/fGPf/y3v/3NZcVd5MXVJsHeoCjq1KlTq1atWrZs2fr16//xj3+Qzf71r3+tX7/e29t706ZNt27d4hT197///e2336Yo6rPPPhP5BZcnT54EBweTnykkXYp5//330ZvlZmgkQX9///Lly3FRjF1uYrYsmgHvvvuul5dXVVXVbCkg4MaXYKbIGCZDy8PDIyws7MiRI+jc4Ys6tMvDw+P69esMUTiKGMeuWLGiqKjo+fPnfOYzIvDUqVPoZYk//elP//nPf3JqyxYrYKlwj07NYfthyZIlPj4+//nPf3D7v/zlL2vWrME/O6T/5/CEehmI/CZzTEzM1atXaZreuXNnSkqKyWQaGhpqamqKj49vb2936fPO6IvuDofD4XAMDQ1duHBBpVJdvnzZtY9Eu8iLq02CvVFdXa3T6ZqamoaGhs6fP69UKpubm3GzoKCgS5cuDQ8Pl5aWbty4kVPU8ePHy8rKaJquqKg4evSomN6PHj1aUFBA1pAuxUxOTqL6GZtJyvf398dFMXa5idmyyFVsNptEIjEYDJOTkw6HY1ZkCrjxJZgpMobJ0BofHzcYDDExMShi+aIO7aIoKjw83G63k6JwFDHEGo3GzZs3Hz58mM988tjq6urw8PBr167ZbLaLFy+qVKqWlhYxYgUsFe7RqTmoR5PJ5O/vj12Rl5e3Z88e3D4qKqquro7tf3pOT6iXgKgcY7Va/f39JyYmxsfHpVLpyMjIi3TJHs7a2trExMQXkSnMrKiNwd6gaVqj0Vy7dg3vOnnyZFJSEi6qVCqLxULT9OXLl6OiojilZWZmXrhwAW18+umnTnsfGxuLjIwcGxsjK/l+ktyUY8TY5SbmKse4o18BN7rbTPExzNakpaUlIiJCWMm+vj65XL5hw4bs7GyykpFjyENaW1vXrl3Lt5c8lqFwbW0tVlhYrIClTnOMsDmcNVarVaFQ9PX10TTd2NgYHh6OEjD9v/6n5/SEegmIyjG1tbWpqak0TdvtdqlUSiZzBBqh8vJylUoVFBT00Ucf0TQ9OTlZWFioVqvlcvnOnTttNhvZmDy8s7MzNDQUbdvt9qysLJVKFRISUlpaikaFT5RTrly5IqA2TdOpqank1UNsbCz6r2G1WhMTExUKhU6nq6ysJEMHe2NkZISiKBwoyJDw8HBcLCkpiYqKysnJiYqKMhqN7N75rix7e3vlcnlnZydN0zabzd/fH58b5eXl5L8hhMgcw+nb9vb22NhYmUymUql27tyJYp2maYvFsmPHDoVCodfry8vLSQ8I2+VwODIzMxUKRWhoaElJCT6vkEC5XB4eHl5VVYUEMjQkz1JOxRjt29vb4+LiFAqFRqP5+c9/3t3dzVCGL3LYrkCSKysrdTqdv79/Wloa/lNCvt7ixIkTWAF22JNC5HJ5amqqzWYrKChQqVRKpTIjI4MMQgE3kmai7YqKCrVa7e/vv2fPnvHxcacuYpyMDMTHMDu0Ojo69Ho95y7GUUajUSaT4X/rwjmmo6MD9yvwi89WeGJiAv2OC4sVttRpjhE2h68mNzc3JyeHpuktW7acPn0a12P/I5xGAjvGOONhfiJqPgbfOvT29k5MTNy9e/eXX36JPxKDsNvtJpPJaDTW1dXFxcVRFFVRUdHU1NTU1GQ2mzUaTXd3N598pVI5NjaGtg8cOGC1Wjs7O69cudLQ0FBTUyMgKpAFlnnjxo1t27ZlZGQIq52amnrp0iW0/eDBA4PBkJKSQlFUbm6up6dnT09PU1PT2bNnOb1ht9tlMtnSpUvxLl9fX2wIRVEKhaK3t7euru7KlSuvv/4623CHwxEaGmq1WskNiqLCwsKKi4vz8vIoiiopKUlMTPy///s/iqKePn1aVVVVVlam1Wp/97vfuTqlxOlbzm83IA/4+vp2d3c3NjaeP3+elCNsF98HHZBAk8l09erVuro6p9ryKUaSlJSUkZExMDDQ0tISFxcnk8kYDfgih9MVdru9q6urtbW1vb19YGAAf6IiICDAZDKhmzBvvvkmKZ8d9iI/e+HUjYxe2tvbOzo6Ojo6Ojs7KyoqhF3E1oqB+Bhm8PDhw8OHD6NzxCmvv/56aWlpZmbm6OiocMvHjx+XlJTs27fPqUy2wkuXLl25cqVTsa5ayka8OZjCwsLz589/9tlnfX196LcIQU7GUM4igTPGOONhnuI0C9ntdoVCMTw8jIpjY2OFhYV6vV4qla5evRr/B6QoCrdBqNVq9E+cgcBfhsnJSeRuVN/Q0BAbGysgysKCpmmz2ZyamqpUKsvLy/HfRk61aZoeHx/39fUdGBigabqmpiY5ORmpIZPJsBr19fX47wnpDbYhvb29uOVHH30UFRU1ODgYHx+fkJBA03RPT49arSbbOxwOlUpFbmAmJibWrl1bWlqqUqkGBwdRZWVlZUpKis1m6+npiYyMrK6uxg6kKEpFkJuby9CQz7ckPT09QUFB2APILQwPOLVLpVJht6Pb9wICBa5jOBUj2w8PD0ulUvbsyMDAgE6nQ9uckcPpCuRDfBOypaWF8+884wqDEfaoBl8AtbS0SCQS/DeztbV19erVYtzI7oV0Hecte9JF7JOR9In4GKb/N7SUSqVMJsvOzkY+54s6Uuzk5GRsbCyalmDPcGCxEokEOYFtPq5hBwy6QFSpVOTlCJ9YYUvFXMcImMM+BJOdnS2TyWpqanAN4xfVaSRwxpjTeJg/OM8x9fX1W7duZdc7HI7W1tbY2NjDhw+zR2hkZEQqleL7JCQCw2m1Wj09PXG92WwOCgoSEMWJVCpNSUnhm30h1UY1u3fvRj/W27dvP3fuHFuN7u5uHDqkNywWi0wmI4X39PTgVIF/3axWq0qlKi8vb2tri46Oxo3RaSCVSskNUlpTUxNFUTiR0DSt1+txbDU0NODYQveLyVzL/gXh9C1N052dndu3b9doNEgNPBCkaaQHhO0aHh4mf3eUSiU6W/gECuQYTsUY7Xfv3h0dHZ2fn19ZWfnFF1+gysnJSavVSvMHIacrhLMdX45hR7KwEJFuZPTCcB3+ARLjIoZPaFdimP7f0LJaraQz+aKOoYPZbJbL5ZcuXWLPcOADm5ubN2zYcPLkSQHHomNJhUdGRiwWS1tbmxixwpaKzDF85rAPwXR1dclkMvKfEOMXVXwk4Bq+eJifOH+3P+OyDrNs2bJNmzZVV1enp6fzXeR6eHiIuZYaHh729fUVbsMpirw5hnj48GFZWVllZWVOTk5ZWdmqVasE1Ebv6ExNTf3ggw/S09Pb29vr6+uF1SC9gW6ePH/+HF+Aj42NIUMePnyIXzgdHBxcV1eXkpLS0dFB3rgwGAxXr15tbGw8efLktWvXPv30U8Z3QgcHByUSyeDgICo+fvy4t7d3xYoVqKjX661WK24skUi0Wq2w8py49O0Gp3bN4gcdxCj217/+9ebNm0aj0Wq15ufnb968+dSpUx4eHsHBwbiNyCB8mYgJDzGIHzvSJyJjGCMQWmKi7kc/+lF5eXlWVlZjYyPfsVqttrq6OjMz8+DBgxRFyeVyh8MxNTWFx85ut8vlcobCfn5+fn5+Q0NDaJewWGFLBXoUaQ4fvr6+Uql02bJluIb0/2xFwnzGyfk/NTV1+fJlMscw5jPQakX2gX5+fkqlUuRTrO3t7ZGRkRRFqdVqT0/P7777DtWbTCadTicgysCCoqiioiKz2axWq6Ojo/fv3+9U7cTERIPBcPbs2e3bt6M18mq1WiKR9Pf3YzU4veHn56fRaFpaWrBYtOSGoih0XYI+BkpR1BtvvJGZmVlfX5+dnY0ba7Xa8fFxvV6PNtauXUuerqOjowUFBefPn6+trUWr7OVy+fT0NOmc0NBQMe5FcPoWf7th1apVWq0Wz2eo1WqKou7du4eKZrMZbTi1C3/QQfsD6KdNQOD4+PiTJ09Q0WKxoA0+xdj85Cc/2bt3b1FR0ZkzZ/DUGoIvcjhdIcqJs4SY8CBxOByk69C4i3cRifgYnkUOHjwYERHBOaOGQVecaBu97r2trQ3vbW5ujoqKwgq3trbiXdeuXUO7hMUKWyrQ48zM4YPhf1cjAcEZD/MX4cuc5ubmyMhIXDSZTGq1+vTp01ardWRkBO0tLy/nvDwvLy+PiYnp6uqyWCy5ubmMpehoCbnNZmM8H7Nv377k5OSBgQGj0bhhwwZ0p4hPlDB9fX3p6ekCauOWaWlpvr6+5NJh9DxNX1+f0WiMiopCl8AMb9DEintkCLniPicnZ/PmzUaj0Waz1dXVoWUh+AYd4tChQ7W1tTRNFxcXk/fE0OFo5cnRo0fj4+NRZUpKSkJCQl9fX1dXV0RExJkzZ9guJZ9UGBsbk0qlJpMJ3eLg9K1ara6pqRkZGTGbzSkpKfhiPyUlBS1VMhqN0dHRuN6pXdnZ2bGxsejaoqKiAj1LISAwJiZm3759g4ODZrM5Li6OvJvEVoy0qLu7OyEhAT0nMTAwsG/fPrQU1W6346V3fJHDdsVLvlcm7EbSTHT/nXRdaWmpgIs4T0bsE5dimE8auYvv+Rj25IdCoeB8PsbhcHR3d2/ZsgUtwUJ88MEHer2+ubkZPQSjVCrxQzD4+ZihoaFz584plcrW1lYxYoUtFejRqTns8eVzINv/wpHAGWN88TA/cZJjCgoKiouLyZrGxsb4+HhfX1+5XB4VFYUW5PHdAj506JBKpZLJZGimGtUjHyGkUmlERAR6QATBt3aZU5R4ONXGXLp0SaFQkEsABwcHk5KS0Nrl48ePo9Bhe4P+IeI9PT2jo6MbGxtxvcPhKCws1Ol0Mplsw4YN586dQyuSybBOTU1Fh6SlpV26dAnXd3R0KBQKNPXicDh0Ot3Zs2dpmrbZbGlpaUqlMjQ09Pjx47g96VIMug1dWFgol8vR7wunb5ubmzdu3CiTyYKCgvLz8/FJQq5dJldvO7ULPX0WEhIil8sTExPx1Dq5dpkU2NPTs3XrVoVCERERUV1djev5FMMWTUxMlJaW6vV6T09PtVqdnp6OFkcwVjpwRg7f2mXSpW7NMU7diM1EMo8fP85eq8rpIs6TEVe6FMN80vAuvqjjPKq2tpYx549Rq9VZWVmMp76qqqp0Op2np2dkZGR9fT1DYbRrw4YN5CMvTsUKWCrQo1NzcDOnOYbtf+FI4IsxzniYnzjJMXq9vq2t7eWoMm9Bl0E0eGP24Fs/NlvC3foA40tmVszBQiCG55YX9/+CC28nc/7kS7FeWQwGA/o4G3hjoUA+iwAgkE8ghueWV9D/zteVvZocOXJEo9EkJyf39vYWFxeXlJTMtUaAWIKCgk6ePDnXWswvwCfAXAHfKOMmPj6+pqYmJCQkPT39wIEDIt+IDMwHli1bNg/XK88t4BNgroBvLQMAAADuAq5jAAAAAHcBOQYAAABwF5BjAAAAAHfhPMfcuHFj06ZNXl5egYGBu3btun//Pvou6bFjxwIDA4ODgz/++GPGIZ9//jmnKL56AAAAYFHiPMdwfqNC+AMVGRkZ27Ztu3nzpsh6AAAAYHHi0hOb6BsVYj5QUV5erlQqU1NTzWYzbsNXDwAAACxKnK9d/vrrrw8dOtTd3T0xMTE9PT09PW0wGCIjI/G7chFTU1NDQ0PkO9UfP36cmZl5+fLl58+fky356gEAAIBFhvN7ZSkpKVu2bGlubjYYDAKfTGB8tOPu3bvoNbdlZWVkM756AAAAYPHh5F0y+BsVqGiz2cQI3b9//7lz57Kyssxmc0BAgNN6AAAAYFHiJMegT/d8+OGHaWlpQ0NDpaWlfC2fPn168eJF9M4Vu91uNBpXrlzJaMNXDwAAACxKnM/HXL9+PT8/32g0+vv7p6WlnTlzhnM+pr+/n10JAAAAvMrM2vvKIMcAAAAADGbzOX/4aAcAAABAMmvXMc+ePZNKpfD+cAAAAAAD7/YHAAAA3AW8ExMAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF5BjAAAAAHcBOQYAAABwF/8PxOyYx6f2ANwAAAAASUVORK5CYII=)
Screenshot: ![forrun.co vulnerability](/twimages/screen-1041874.jpg)
Mirror: Click here to view the mirror
Coordinated Disclosure Timeline
Vulnerability Reported: |
18 December, 2019 15:15 GMT |
Vulnerability Verified: |
18 December, 2019 15:24 GMT |
Website Operator Notified: |
18 December, 2019 15:24 GMT |
a. Using the ISO 29147 guidelines |
![](/images/done.png) |
— |
— |
b. Using publicly available security contacts |
![](/images/done.png) |
c. Using Open Bug Bounty notification framework |
![](/images/done.png) |
d. Using security contacts provided by the researcher |
![](/images/done.png) |
Public Report Published |
|
[without any technical details]: |
18 December, 2019 15:24 GMT |