veidekke.se XSS vulnerability

2015-11-12T01:15:00
ID OBB:104485
Type openbugbounty
Reporter gsoc
Modified 2015-11-12T01:18:00

Description

Vulnerable URL:
http://veidekke.se/kontakt/lokala-kontor/?dp=">'>);-->&dp;=true&dp;=true&fq;=(classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*%5C+*+OR+classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*+OR+classification:tag%5C:businessareas.sverige,2014%5C:*)&fq;=(classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland%5C+*+OR+classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland+OR+classification:tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland)&fq;=classification:tag%5C:services.sverige,2014%5C:*&fq;=contenttype:(officeArticle)&fq;=publication:(sverige)&q;=*:*
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 3465429
Google Pagerank| 5
VIP website status:| No
Check veidekke.se SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 12 November, 2015 01:15 GMT
Vulnerability existence verified and confirmed| 12 November, 2015 01:18 GMT