westpac.com.au XSS vulnerability

2015-12-17T14:15:00
ID OBB:117228
Type openbugbounty
Reporter dim0k
Modified 2016-12-07T23:12:00

Description

Vulnerable URL:
http://www.westpac.com.au/locateus/?searchInput=">![](x)&types;=branch
Details:

Description| Value
---|---
Patched:| Yes, at 07.12.2016
Latest check for patch:| 07.12.2016 07:59 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2611
Google Pagerank| 7
VIP website status:| Yes
Check westpac.com.au SSL connection:| (Grade: A+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 17 December, 2015 14:15 GMT
Vulnerability existence verified and confirmed| 17 December, 2015 14:18 GMT
Vulnerability details disclosed by researcher| 10 March, 2016 15:11 GMT
Vulnerability patched by the website owner| 7 December, 2016 23:12 GMT