Search...

veidekke.se XSS vulnerability

2015-11-12T01:15:00

ID OBB:104485
Type openbugbounty
Reporter gsoc
Modified 2015-11-12T01:18:00

Description

Vulnerable URL:

http://veidekke.se/kontakt/lokala-kontor/?dp="&gt;'&gt;);--&gt;&dp;=true&dp;=true&fq;=(classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*%5C+*+OR+classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*+OR+classification:tag%5C:businessareas.sverige,2014%5C:*)&fq;=(classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland%5C+*+OR+classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland+OR+classification:tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland)&fq;=classification:tag%5C:services.sverige,2014%5C:*&fq;=contenttype:(officeArticle)&fq;=publication:(sverige)&q;=*:*

Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 3465429
Google Pagerank| 5
VIP website status:| No
Check veidekke.se SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 12 November, 2015 01:15 GMT
Vulnerability existence verified and confirmed| 12 November, 2015 01:18 GMT

JSON Vulners Source

Initial Source

{"type": "openbugbounty", "lastseen": "2017-10-18T17:19:38", "_object_types": ["robots.models.base.Bulletin", "robots.models.openbugbounty.OpenbugbountyBulletin"], "href": "https://www.openbugbounty.org/reports/104485/", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "reporter": "gsoc", "description": "##### Vulnerable URL:\n \n \n http://veidekke.se/kontakt/lokala-kontor/?dp=\">'>);-->&dp;=true&dp;=true&fq;=(classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*%5C+*+OR+classification_parent_path:*tag%5C:businessareas.sverige,2014%5C:*+OR+classification:tag%5C:businessareas.sverige,2014%5C:*)&fq;=(classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland%5C+*+OR+classification_parent_path:*tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland+OR+classification:tag%5C:geo.veidekke.no,2014%5C:G%C3%B6taland)&fq;=classification:tag%5C:services.sverige,2014%5C:*&fq;=contenttype:(officeArticle)&fq;=publication:(sverige)&q;=*:*\n \n\n##### Details:\n\nDescription| Value \n---|--- \nPatched:| No \nLatest check for patch:| 25.07.2017 \nVulnerability type:| XSS \nVulnerability status:| Publicly disclosed \nAlexa Rank| 3465429 \nGoogle Pagerank| 5 \nVIP website status:| No \nCheck veidekke.se SSL connection:| (Grade: F) \n \n##### Coordinated Disclosure Timeline:\n\nDescription| Value \n---|--- \nVulnerability reported| 12 November, 2015 01:15 GMT \nVulnerability existence verified and confirmed| 12 November, 2015 01:18 GMT\n", "bulletinFamily": "bugbounty", "references": [], "objectVersion": "1.4", "viewCount": 1, "_object_type": "robots.models.openbugbounty.OpenbugbountyBulletin", "cvelist": [], "openbugbounty": {"mirror": "", "patchStatus": "unpatched"}, "enchantments_done": [], "title": "veidekke.se XSS vulnerability ", "id": "OBB:104485", "modified": "2015-11-12T01:18:00", "published": "2015-11-12T01:15:00", "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2017-10-18T17:19:38"}, "dependencies": {"references": [], "modified": "2017-10-18T17:19:38"}, "vulnersScore": 0.0}}