DATABASE RESOURCES PRICING ABOUT US

{"id": "OBB:1179742", "type": "openbugbounty", "bulletinFamily": "bugbounty", "title": "international.pawpatrol.com Cross Site Scripting vulnerability ", "description": " \n\n\nOpen Bug Bounty ID: OBB-1179742\n\nFollowing coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: \n\n&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbspa. verified the vulnerability and confirmed its existence; \n&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbspb. notified the website operator about its existence.\n\nAffected Website:| **[international.pawpatrol.com](<http://international.pawpatrol.com>) ** \n---|--- \nOpen Bug Bounty Program:| **Create your bounty program now**. It's open and free. \nVulnerable Application:| Custom Code \nVulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\\(XSS\\)>)** / CWE-79 \nCVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] \nDisclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines \nDiscovered and Reported by:| **Dipu1A ** \nRemediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** \nExport Vulnerability Data:| Bugzilla Vulnerability Data \nJIRA Vulnerability Data [ Configuration ] \nMantis Vulnerability Data \nSplunk Vulnerability Data \nXML Vulnerability Data [ XSD ] \n \nVulnerable URL:\n\n \n--- \n \n**Screenshot:** \n\n**Mirror:** [Click here to view the mirror](<http://1179742.openbounty.org/mirror/>)\n\n### Coordinated Disclosure Timeline\n\nVulnerability Reported:| 1 June, 2020 07:22 GMT \n---|--- \nVulnerability Verified:| 1 June, 2020 07:31 GMT \nWebsite Operator Notified:| 1 June, 2020 07:31 GMT \na. Using the ISO 29147 guidelines|  \n---|--- \nb. Using publicly available security contacts|  \nc. Using Open Bug Bounty notification framework|  \nd. Using security contacts provided by the researcher|  \nPublic Report Published \n[without any technical details]:| 1 June, 2020 07:31 GMT \nVulnerability Fixed:| 26 June, 2020 15:51 GMT \n---|---\n", "published": "2020-06-01T07:22:00", "modified": "2020-07-01T07:22:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.openbugbounty.org/reports/1179742/", "reporter": "Dipu1A", "references": [], "cvelist": [], "lastseen": "2020-08-25T01:01:49", "viewCount": 5, "enchantments": {"dependencies": {}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.7}, "openbugbounty": {"patchStatus": "patched", "mirror": "http://1179742.openbounty.org/mirror/"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645561802, "score": 1684000741, "epss": 1678905580}, "_internal": {"score_hash": "d1556f4613b39fd82a30b6813556c1d7"}}

{}