firstamlosangeles.com Cross Site Scripting vulnerability OBB-1271579

2020-08-23T23:31:00

Description

Following coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence. Affected Website:| **[firstamlosangeles.com](<https://firstamlosangeles.com>) ** ---|--- Open Bug Bounty Program:| **Create your bounty program now**. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\(XSS\)>)** / CWE-79 CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] Disclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines Discovered and Reported by:| **Tanzil ** Remediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** Export Vulnerability Data:| Bugzilla Vulnerability Data JIRA Vulnerability Data [ Configuration ] Mantis Vulnerability Data Splunk Vulnerability Data XML Vulnerability Data [ XSD ] Vulnerable URL: ![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAABLCAIAAAAphcDFAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAcbElEQVR4nO2dfVBU1xXAn7jCggsoHxu+HIFadCxDGEsZTKllrKOEMs5GiVpLDaEMIQwiZYxFayklLTH4EUMpZVKTIY5jMh3qWMdhqN2hnQ3dGoJkJZsNbpBBXBaKyFdWslmR1z/u9M7Ne+/e93ZhBcz5/cV7795zzr3nvnd4d+87dxnP8xwAAAAAeAGfhTYAAAAAeGKBGAMAAAB4C4gxAAAAgLeAGAMAAAB4C4gxAAAAgLeAGAMAAAB4i8UbY+Li4m7evEk7BJY0HnsThgEALC0WaYz55JNPZmdnn376aclDYEnjsTdhGADAkkMmxty5cycwMFDy0uTk5GuvvUY7nCNXrlzZuXOn5OEvfvELf3//d999l2Ebg/my0zPtj4FFaxhG4Nw5Vrxz587q1avnwy6h2PnqRraFNEXeMwDfQQrrumvG+Pj4iy++GB4eHh0d/ctf/vLhw4fcfD8fGHhv/C/+O2tx4vl7zMTERE1NDe1wjtBizP379+vq6q5fv56bm7t27drR0VF3Jc+vnYAHzG+MAdyCvIO8pCIvL8/lcplMpra2NqPRWFlZycF99w1mMc6VDQ0NWa3WjIwM8aHD4QgICHj66aeXL1/OcZyfn9/CmQl4gsC5j6EiQCK4g+adL7/8squr66233oqOjl6/fv2ZM2eam5u9oQhYKiiKMW+++WZcXFxoaOjPfvazyclJjuMmJydjY2MdDseyZcveffdd8vDMmTOBgYEnT5586qmnVq9e/cILL3z55ZdIzkcfffSDH/wgMDAwOjp69+7dn332maS6K1eubN++fcWKFYLD+/fvk0rxqyv647XXXgsPD4+MjHz77bdpugRmf/TRR5s3b/b39w8PD3/++ecHBwextNOnT8fFxa1cuXLv3r33799/5ZVXwsPDQ0NDX3zxxQcPHohtfvDgwUsvvRQeHr5mzZrf/va3jx49YjRZVu/q1at/+tOfoq7mOG5oaOjHP/5xYGBgXFzc6dOn8bzHV1999fOf/zwwMHDt2rW/+c1vsFISWhlZXzx69Ojo0aNPPfXUypUrn3/++fv379Na6laPYW+628/kqBgcHNyxY0dgYOD69esvXrzI8MJzzz138uRJdPXmzZt+fn64V1966aVXXnmF0e0K/St2JcNCWvnXX39dfL/IuhIZL3mvSRoguINI4QxRnNQTgFbe39//7t27K1euRBV7e3ujoqIE990f//jHHTt2YOG/+tWvdu/eTdOuZJArgeZByXFOcxPgAfIxxuFwmEwmo9HY0dFht9srKio4jgsODu7p6dFoNE6nMzc3lzx87rnnHA5HR0dHZ2dnZ2dnV1dXbW0tEpWdnZ2XlzcwMNDe3p6enq5WqyU10ibKQkNDSaUCI3t6esxmc1NTU3p6Ok2XwOyurq7CwsLh4WGz2RwTE1NSUkI2ub293WQy2e32DRs2jI6Odnd3X79+vb+//9ixY2KbS0tL7XZ7V1dXa2vrlStXGhoaGE1m6O3u7kZdPTAwgBWVlJT4+vr29vbq9frz589jpdXV1dPT093d3a2trQaDobGxUWwYrYysL2pra/V6vV6vt1qtUVFRFouF0VLlPUY6161+JiuWlJQEBQVZLJaWlhbyCS62LTs7W6/Xo6tXr16dnZ1tbW1Fh3q9Pisri9HtSvxLcyXNQsnyDoej8/+Q94sSV9LuNUkDGHcQQ5TkE4BRHnPr1q3Dhw+fOnVKcN/pdDqDwfDFF19gzz777LM0abQBHC5CstNkPSg5zmluBTyBZ9Lf389x3NTUFDo0Go3x8fH4kkajIUuiQ1RlYGAAnb906VJKSgrP82NjYyqVyul0irUMDAzExsaivx0Oh0ajGRsbkzwklQo04jJsXQKzMb29vREREVjaxMQEOt/e3u7j4zM9PY17YN26dQI5MzMzGo2mr68PHV65ciUtLY1tBk0v7ur29nbU1TMzM2q1Ggu/dOnSqlWr0N9hYWEOhwP9bTKZUlNTxQ2ULKPEMK1W29XVJTgp2VKFPcZ/3ZvKawkqog4hBxjqEEnb7HZ7QEAAamlqamp5efn+/fuR9qCgIJfLRet2Jf4VgF1Js1CyPO1+EQ9UsStpdRkG0MY/wwzJJwCtPMZms8XHx7///vuSetPS0pqbm/F5q9VKkyY5gJF8AYwGMjwoOc5JyDtUsusANirZIKTRaPBqiqioqLGxMdkqarV6zZo16O8NGzYMDAxwHLd69eqcnJy0tLStW7dGRUWlpKT88Ic/xGKNRiP6+9q1a6mpqXg6SHDIMJIsw9BF8vHHHx85csRisbhcrtnZ2dnZWSwtODgY/R0TExMUFOTv749NFS80GBkZcblccXFxuMnoDqSZwdCLuzomJgZ19cjIyOzsLCkc/TE+Pj46OhobG4sOZ2dnVSqhN2llZPtncnJybGwsKSlJYUsV9pjAm8r7maw4MjLCcRw5wBi2RUZGJiQkGI3GjRs32u32ysrKhISER48e6fX6bdu2oZk3yW5X0mqO4kqahbTykveLAJorJesyDGBAM4P2BGCbnZOTU1ZWtnfvXkldOp3u6tWru3fvvnr1alZWlq+vr6Q0xiCPjo5W0igEzYO0cU67QwEPkI8x88h7771348YNs9lst9vLy8ufeeaZP/zhDxzHLV++PDIyEpVhrFqeF10kOp2uoKCgsbFRrVbbbLbMzExPW+aeGfOi1+l0+vj4dHZ24rvOx0c488koo6R/5v1n4QVZUZaVlaXX6/v6+rKzs4ODg5OTkw0GA54omyPuutJj10u60uVyzcl6rzE0NNTd3f2f//yHVmDXrl1oTvvq1at5eXm0YowBLJ4cu3fvnmfWisf5Y3gyfINgv+aIJ8RoL920ubLLly8LXqIRJpMpJiZGcHJmZiYsLAy/0goOefpcGfsdltSFC4+MjKhUKrIMahqjyeShB3MpyAx39aJ5j/7+fnSenPfQaDTi13yBHMkyjP7BaLVak8kkOEmbK1PSYwJvKqwlriiYCLp8+TJjrozneaPRmJqaunPnzpaWFp7nGxoaSktLIyIi7HY7wwwl/qW5kmahZHna/SIe1WJX0urSDJAUyxbF6B/GbT4zM0PetpJ6ExMT9Xr9qlWrpqamGNJoA3ge58oE41zhHQooxPMY43A4VCqV1WoVHKLhkpOTY7PZzGZzcnJyVVUVz/MWiyUzM7OtrW10dHRgYKCgoCA7OxtLRjPmBoMhMTERnxQc8opjDEMXabZWq21oaJiYmLBarTqdzq0YMzU1pVKpenp6ZmZmeJ4vKCjYuXPnwMCA2WzetGlTXV0dwwx39ebk5Oh0uv7+frPZnJSUhM8XFRWlpaWhd5Ha2trq6mqxYZJlaIaRv9DU1NSkpqZ2d3fbbLaSkhKDwYDOi1uqsMcE3lQeY8TDQKfTkQMMl5T0AupwrVaLWmez2YKCgpKTk9lmKPEvzZUMC8XlafeLwABJV9LqMgwQtBd7nCaKHWMkVQskIwSPC57nKysrk5KS0MBjSJMcwAyQwc6vMzMzQ/Og5DiXdKvYI4ASPI8xPM9XVVUFBAQ0NTWRh6dPn9ZoNCdOnNBqtatWrTpw4AD6IdflclVVVSUkJPj6+mq12tzc3OHhYYGWw4cPHzt2DMsXHPKKYwxDF2m2wWBISUlRq9URERHl5eVuxRie5ysqKnDzHQ5HYWFhWFhYTExMVVUVGoU0M9zVOzw8nJ2drdFoYmNjT5w4gc87nc6ysrKYmJiAgICsrCz8bxppmGQZScMEBszMzBw5ciQsLEytVut0utHRUXRe3FKFPSbwpvJ+Fg8Dm822fft2jUaTkJBw6tQp8v8esRd4nt+/f39OTg6unpKSggUyzJD1L82VDAvF5ZEBtbW1gvtFYICkK1Fd8b3GMEDyDsJ/i0Wx3/MkVYu9iRA8LkwmE8dx6JAhjTbIaeCfykgaGxtpHpQc5zS3CjwCKEEmxnjAXN4oExISrl+/TjsEeJ7v6enRarULbYUneOxNGAY05nH2xl1Rc1ftcDjUajVeZAjTUE8qj/U3f1lu3brFOAQ4jjOZTPHx8QtthSd47E0YBk8k165dS09P90auOWBRsRhzySx+3MowP5d09Kjuq6+++vbbb9+7d+/DDz88duxYUVGRZ9I8Nm8xZNRfDDbIAnsWKGRycrK+vn7Pnj0LbQjgdSDGuI1bGebnko4e183IyGhoaIiJicnNzS0tLX3hhRc8kOaxeYsho/5isEEW2LNAOfh3l4U2BPA68jFGYUZrnDB87dq1OEuEVyGzhc972m0yGZrgdZ78VkOgV2yG4MMOt+zEdbds2dLV1eVyuXp7e8vKypYtW7Zs2TJSlMddoeS7E7LMF198cejQobVr1/r7+69fv/711193K3+UEtskk8AviYzLjIHBOMnNoXXzeK+5K2qOqr/66qu//vWvOKftY3toAAuA7C82Sn6OGx0d9fHxMZlMj3NVH20V5vwKF6+QSU1NvXbt2vDw8IEDBzo7OzUaTW9v7/79+8UrrHBhnucly7NtwHXR+suenp5Vq1bh5Zj81xeeSi4WkgWrUFgGraLu6ekZGRnR6/UZGRkdHR0KdSFk3SRpvxI7FxzGwGB7f0m0DgA8Y35izIIsC/GqUpvNtmnTJvQHTpHE87zdbl+1apXL5eJ5/p133lm3bp1KpUpOTm5tbSVriQtLlmcgqMtT1oPiSx7EGLEKdpnp6WmVSoUzjHkJsf1K7Fxw2AODdpJfIq0DAI9x4/cYWhZ0QcJwyRza4vT7ylO7S+bZFmQLJ2chGAbIpnD/+9//jv6Ijo6+ceMG+uPDDz/EBcgM82QWI5TiAtcSF5YsT9Murktzh7grBMUYqdFpKmhmIPvFWdE4SoJ0mtM5emZ4ybbIdoUYsgmyBcTbHOzdu/f3v/89LrB582ZkDG2TBcmOQmBH07zvQesAYCkhG4UESWIOHDhgt9utVmt6enpxcTEqgxN3z8zM5OfnZ2dnC76nxXWHh4dbW1t7enrQmdzcXJvNhqSFhYXl5eUh4RkZGaWlpUh4Y2PjO++8MzExMTw8XFZWptPpxErJf37ZBoiNR3R0dGzduhUlWGWQlZV14cIFnueHh4dzc3PZc1+4sGx5sXayLnaE4CtF3GRaV/A8f+zYsX379vX19VksloyMjPr6eoYKWTN27tyZnZ3d3t6OU+EiampqUlJS0MfSpaWl6GNpSaeTYyknJ2dgYKC3tzcxMRF/1022hWanLBEREVu3bu3s7BRfErdRq9WeO3dubGysr6/vzJkzfX19zc3NOJeJ3W5Xq9Xo7W3Xrl06nW54eLi3t5dMuMDLDQyG9z1oHQAsIdyOMeIs6GQZWl6gflH6/X53UrtjcJ5tnjJBxDZA0nir1bpnz56QkJCamhrBo1OAYKMBnjkxJS4sWV5SO60uLcYw5spoqdEFKhSaMTU1VVFRkZCQoFKp1q1bh7+XlkyQLul0yaR2ZC53gf2SXSGLw+GoqakJCQnZs2cPzl8i2UbJbQ6mp6eDgoKQeQ0NDTt37uSZmywoHBjik4KK5CYXAPBk4F6MoWXdwJfsdruvry8uY7VaaVsvKE8l0tXVtW3btqioqLCwsJCQEHZWDIUGkPJVKpVOp1PyM8OlS5e2bt0qW8ytwpLaJet6EGNQGvaw/xMSEoJzBAhUKDcD4XQ6jUZjWlra8ePHJyYmVCqV+DWO4fT+/n61Wo3PWywWbJiglsCGMALaGczY2JhOp8P5DWmO3rdvX3Jycnl5+alTp/71r3/hk+gNeNu2beg9QzC0LBYLdodbA4NEUHFmZgZl6gSAJ4Yl8H2MTqfbsmWLwWAwmUwtLS3zLr+6utpgMBQXF9++fZtd0q01pgoLS2qfr6W6ODW6yWQymUzd3d0oSZRYhbtm+Pn5bd68ua6u7i9/+Qs646X94QU2mAhoZxC3b99GKQ6rq6vRGZqj33vvvXPnziUlJblcrvLy8oMHD3Ict2fPnsuXL4+Pj3d0dLi1vHsurSM3uQCAJwTZKOTWewxjqsqz9xhanm2e8s+7QgME6kZHR8vKyjQaTVFREa0fxBsNMHCrsEA7ra5nc2UaqdTokiqUmCGYSzQYDGjKUXIjAPZ7DEfJ5U7WcqsbSYqKijQaTXl5OU7lKdlGMXibA6fTGRIScvbs2V27dmFjJDdZ8NhIjysCwBJint9jli9fvm/fvrKysrt373766adVVVX79++fi8Dw8PCQkJA//elPk5OTn3/+eVVVFb4UFhbmdDo///zzuRsQGhr6xhtvmM1mh8NBK2M0GiMiIvBWemzcKizQ7lZdBNkVISEhTqfz1q1baAlZbm5ucXHxp59+OjQ0dPLkyVdffZWmQtaMW7duxcfH//nPfx4aGpqcnPzggw+Ki4sLCgo4jisrKyssLPzkk08GBwcPHjz4wQcfKDG7vLx8cHAQuSk7O1vcFg+6AuFwOMxm8+nTp0NDQxlt5Djus88+e/bZZ//5z3/ev3//7t279fX1ycnJHMf5+fllZmZWVlbu27cPlVy+fHl2dnZZWdmdO3eQzei8x0aKKz548EC8MhAAljayUcit9xiekgV9Lr/H0PJs80S2cHcNYHxrQkOcYX6+Ciusy3iP4b+eOF02t78S8yTLtLS0ZGRkBAUFBQQEJCUlvfXWW+i8ZIJ09nsMIzM8bstculEhjG0gLl++rNFoSMMkN1nw2Ej21hUA8GQw/7n9n1TcyjA/l3T0jyGVvRIVXjVD4cN0MWf1x5sszOOeBRBjgCePxZXbfzHjVob5uaSjfwyp7JWoWAwZ9ReDDTTwJgvzu2cBY3N7AFiKLIF1ZbLcvHnz5Zdf9raWhw8f/uQnP/nvf//LUPpNy9C+CImLi7tx4wbpqXnEq5sscBwXERFx9uzZ+ZUJAAvLkxBj8vLyYmNjva1lxYoVvr6+hw8fpin9BmZoX2wgF3z3u98lPTWPeG+TBYSfn5+XloADwIKhZEKtrq4uPj7e19c3OTm5paWFXVhyTtktCWKBjN/nUcpndjZfj6e5JyYmampq8GFXVxf6olNS6e9+97uSkhJ8SGsyud+4j49PbGxsdXU1XpggdtDZs2fRJR8fH5SjhRRFLrsga8XExFRUVOBMi5I/v5O9WldXFxsbGxAQkJqaqtfrJa0Vi2U0U1apbIskh6vFYsGFL1y4kJCQQH77iV2APQUAwMIiH2PQ00ev14+MjFy8eDEkJETwXBAgfrK4K0EskBFjvJoWWrwaTXKJHYLM0M5oMqqL8vNPT0+j/C7V1dWCSxgy/MTHx5NfqIiX9mGxZrP5mWeeOX78OK0HyLooTrS1tY2OjjY3N4eFhbW3tysRy/asbIxht0i8o8HBgwcPHDiACyclJaG1c2IXwI/nALBIkI8xUVFRbW1t+PDs2bPZ2dmM8uLb210JYoGLP8YIMrQzmiyu297evnHjRrad/f39AQEBmzZtIj8epC0fRxiNxg0bNtCuknUF1jY2NjKsJcWyPSsbY9gtEp+x2+0ajQZ9BdnS0hIfH0++xJAugBgDAIsEmd9jJicn7XZ7eno6PrNlyxaLxcIpzpbPkMBR8vZzHDc4OLhjx47AwMD169dfvHiRbSQJTSCJZLp7cSJ6ds58AWSGdnaTxajV6pmZGdmm+fj4nD9/vqmp6R//+IdsYY7jfH19XS6XbDGxtfn5+fX19bJi3W2mGHdbFBkZmZeXV1tby3HciRMnKioqyF8vlGxVAADAY0YmxjgcDrVaTd63QUFBU1NT+Gp3d7fRaOzo6BgYGDh27Ji7Erq6ugoLC4eHh81mc0xMTElJCTpfUlISFBRksVhaWlrIGBMuQqCOJpCkurp6enq6u7u7tbXVYDA0NjZiU3t6esxmc1NTU3p6enBwMM4zn5uby+4oMvEUu8kC7t27d/z4cZ1Ox5aP+M53vlNVVZWfny8ZzknGx8crKyvRR/hsxNauWLFi7dq1smLdaiYN5S1CVFRUXLx48W9/+1t/f79gmS8taVheXt6PfvQjcl8fAAAeH+zXHPGcQ19fH5q76Kdky6fNL4klCMB5+1FiKDLxOy5vE8GYFcECBWUk0933ixLRM9oiOC/I0M5uMlKEEyGr1eqioiK0fIC8hMCLCMiEbGlpaehnCfHPG1isj49PZmYmwwu4Lnnp8OHDSAK5awNNrKxnZefK2C0SV0EUFRWp1eqGhgbyJMMFknn+AQB4PMh8g4lytpNnZmdn8U6IGo0G7z4ZExODMsm7JeHjjz8+cuSIxWJxuVyzs7Nor8CRkRGO49asWYPKbNiwAdeNjo4WyL9z5w55KCmQZHx8fHR0FC87FjSH3NlQOdeuXUtNTcV12U3mOC4gIAAlCfbx8dFqteSED76EDwW6li9ffv78+eTk5F27dqHMWpJ1+/r6ysrK3nzzzUOHDrGNJ609fvx4WVmZzWbLzMyUFSvbTIUwWiRJcXFxU1NTfn4+eVLgApKVK1cePXq0qKgoPz9/48aNDx8+dNdCAAA8RuaJgGaKHj58iKdEpqamgoKClCtgS9DpdAUFBY2NjWq1WvBok0Q8OdbZ2UkeygrE6e7x01By22O3EMzSyHaaj4+POFjKXsJ8+9vfrqmpKSwsFOx0QNaNjo6uq6vLz89HMSYgIMDpdD569AjHM4fDgQIYaW1wcHBwcPDIyAgZ22hiZZvJUKqwRZIEBQWpVCo/Pz/yJDu7/u3btysrK8k8/wAAPB5kHq/BwcFRUVHt7e34DFoEpVwBQ8K9e/fsdvuvf/3rb33rW9HR0Wq1GhXQarUcx929excdWq1WXNckgtRFE0gSGRkZEBAwNjYW/X/muGPHo0ePrl69Sj7g5t5pshw6dGjjxo2SvzZhyPcMlL76+vXr+KrBYEhKSsLWGo1GfKmtrQ1dYouVbSZDqWctoiF2AcnLL7+cnJwcERFhtVqPHj3qgXwAADxHdjYNfwMxOjr6/vvv428gaJmMp6amVCpVT08PXldKk8DzvFarbWhomJiYsFqtOp0Oz7zrdLqcnBybzWY2m5OTkxlrlwcGBsgdFSUFCkwqKipKS0szm812u722tpb8NkUg3OFwqFQqPInf29uLBJJKDQZDYmKiwk6jKSIv0b6PEf/4odFoJL+PcTqdFotly5YtxcXFuHx9fX1CQoLBYEAfwYSEhOCPYPD3MSMjIxcuXAgJCTEajUrEMpopq1S2RbiY+IygotgF2FM8z+fm5uJNXwAAeMx4/p0/I1s+mVueIYGn5+232Wzbt2/XaDQJCQmnTp1ixBin06lWq3EYoAmUTXdPe/STOfObm5uTkpIESmmp3Rnf+TNijPifAPydv7hWY2Mj7Tt/rVZbWFiIV2Qgzpw5Exsb6+vrm5iYeOnSJYG16NKmTZvIT15kxcpmcKAplW0RLiYbY8QuwJ4CAGBheRJy+5eWlnq2m7pbOJ3O2NjYc+fOCZQu5vzz3xAELhB4CgCABWQZT0kMtYR4+PChyWT63ve+521F//73v7///e8/ZqWAB5CeAgBgAXkSYgwAAACwOHkScvsDAAAAixOIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3+B8OfQywM+zhDwAAAABJRU5ErkJggg==) --- **Screenshot:** ![firstamlosangeles.com vulnerability](/twimages/screen-1271579.jpg) **Mirror:** [Click here to view the mirror](<http://1271579.openbounty.org/mirror/>) ### Coordinated Disclosure Timeline Vulnerability Reported:| 23 August, 2020 23:31 GMT ---|--- Vulnerability Verified:| 23 August, 2020 23:44 GMT Website Operator Notified:| 23 August, 2020 23:44 GMT a. Using the ISO 29147 guidelines| ![](/images/done.png) ---|--- b. Using publicly available security contacts| ![](/images/done.png) c. Using Open Bug Bounty notification framework| ![](/images/done.png) d. Using security contacts provided by the researcher| ![](/images/done.png) Public Report Published [without any technical details]:| 23 August, 2020 23:44 GMT Vulnerability Fixed:| 26 September, 2020 17:46 GMT ---|---

{"id": "OBB:1271579", "type": "openbugbounty", "bulletinFamily": "bugbounty", "title": "firstamlosangeles.com Cross Site Scripting vulnerability OBB-1271579 ", "description": " \n\n\nFollowing coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: \n\n&nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; \n&nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence.\n\nAffected Website:| **[firstamlosangeles.com](<https://firstamlosangeles.com>) ** \n---|--- \nOpen Bug Bounty Program:| **Create your bounty program now**. It's open and free. \nVulnerable Application:| Custom Code \nVulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\\(XSS\\)>)** / CWE-79 \nCVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] \nDisclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines \nDiscovered and Reported by:| **Tanzil ** \nRemediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** \nExport Vulnerability Data:| Bugzilla Vulnerability Data \nJIRA Vulnerability Data [ Configuration ] \nMantis Vulnerability Data \nSplunk Vulnerability Data \nXML Vulnerability Data [ XSD ] \n \nVulnerable URL:\n\n![](data:image/png;base64, iVBORw0KGgoAAAANSUhEUgAAAiEAAABLCAIAAAAphcDFAAAACXBIWXMAAA7EAAAOxAGVKw4bAAAcbElEQVR4nO2dfVBU1xXAn7jCggsoHxu+HIFadCxDGEsZTKllrKOEMs5GiVpLDaEMIQwiZYxFayklLTH4EUMpZVKTIY5jMh3qWMdhqN2hnQ3dGoJkJZsNbpBBXBaKyFdWslmR1z/u9M7Ne+/e93ZhBcz5/cV7795zzr3nvnd4d+87dxnP8xwAAAAAeAGfhTYAAAAAeGKBGAMAAAB4C4gxAAAAgLeAGAMAAAB4C4gxAAAAgLeAGAMAAAB4i8UbY+Li4m7evEk7BJY0HnsThgEALC0WaYz55JNPZmdnn376aclDYEnjsTdhGADAkkMmxty5cycwMFDy0uTk5GuvvUY7nCNXrlzZuXOn5OEvfvELf3//d999l2Ebg/my0zPtj4FFaxhG4Nw5Vrxz587q1avnwy6h2PnqRraFNEXeMwDfQQrrumvG+Pj4iy++GB4eHh0d/ctf/vLhw4fcfD8fGHhv/C/+O2tx4vl7zMTERE1NDe1wjtBizP379+vq6q5fv56bm7t27drR0VF3Jc+vnYAHzG+MAdyCvIO8pCIvL8/lcplMpra2NqPRWFlZycF99w1mMc6VDQ0NWa3WjIwM8aHD4QgICHj66aeXL1/OcZyfn9/CmQl4gsC5j6EiQCK4g+adL7/8squr66233oqOjl6/fv2ZM2eam5u9oQhYKiiKMW+++WZcXFxoaOjPfvazyclJjuMmJydjY2MdDseyZcveffdd8vDMmTOBgYEnT5586qmnVq9e/cILL3z55ZdIzkcfffSDH/wgMDAwOjp69+7dn332maS6K1eubN++fcWKFYLD+/fvk0rxqyv647XXXgsPD4+MjHz77bdpugRmf/TRR5s3b/b39w8PD3/++ecHBwextNOnT8fFxa1cuXLv3r33799/5ZVXwsPDQ0NDX3zxxQcPHohtfvDgwUsvvRQeHr5mzZrf/va3jx49YjRZVu/q1at/+tOfoq7mOG5oaOjHP/5xYGBgXFzc6dOn8bzHV1999fOf/zwwMHDt2rW/+c1vsFISWhlZXzx69Ojo0aNPPfXUypUrn3/++fv379Na6laPYW+628/kqBgcHNyxY0dgYOD69esvXrzI8MJzzz138uRJdPXmzZt+fn64V1966aVXXnmF0e0K/St2JcNCWvnXX39dfL/IuhIZL3mvSRoguINI4QxRnNQTgFbe39//7t27K1euRBV7e3ujoqIE990f//jHHTt2YOG/+tWvdu/eTdOuZJArgeZByXFOcxPgAfIxxuFwmEwmo9HY0dFht9srKio4jgsODu7p6dFoNE6nMzc3lzx87rnnHA5HR0dHZ2dnZ2dnV1dXbW0tEpWdnZ2XlzcwMNDe3p6enq5WqyU10ibKQkNDSaUCI3t6esxmc1NTU3p6Ok2XwOyurq7CwsLh4WGz2RwTE1NSUkI2ub293WQy2e32DRs2jI6Odnd3X79+vb+//9ixY2KbS0tL7XZ7V1dXa2vrlStXGhoaGE1m6O3u7kZdPTAwgBWVlJT4+vr29vbq9frz589jpdXV1dPT093d3a2trQaDobGxUWwYrYysL2pra/V6vV6vt1qtUVFRFouF0VLlPUY6161+JiuWlJQEBQVZLJaWlhbyCS62LTs7W6/Xo6tXr16dnZ1tbW1Fh3q9Pisri9HtSvxLcyXNQsnyDoej8/+Q94sSV9LuNUkDGHcQQ5TkE4BRHnPr1q3Dhw+fOnVKcN/pdDqDwfDFF19gzz777LM0abQBHC5CstNkPSg5zmluBTyBZ9Lf389x3NTUFDo0Go3x8fH4kkajIUuiQ1RlYGAAnb906VJKSgrP82NjYyqVyul0irUMDAzExsaivx0Oh0ajGRsbkzwklQo04jJsXQKzMb29vREREVjaxMQEOt/e3u7j4zM9PY17YN26dQI5MzMzGo2mr68PHV65ciUtLY1tBk0v7ur29nbU1TMzM2q1Ggu/dOnSqlWr0N9hYWEOhwP9bTKZUlNTxQ2ULKPEMK1W29XVJTgp2VKFPcZ/3ZvKawkqog4hBxjqEEnb7HZ7QEAAamlqamp5efn+/fuR9qCgIJfLRet2Jf4VgF1Js1CyPO1+EQ9UsStpdRkG0MY/wwzJJwCtPMZms8XHx7///vuSetPS0pqbm/F5q9VKkyY5gJF8AYwGMjwoOc5JyDtUsusANirZIKTRaPBqiqioqLGxMdkqarV6zZo16O8NGzYMDAxwHLd69eqcnJy0tLStW7dGRUWlpKT88Ic/xGKNRiP6+9q1a6mpqXg6SHDIMJIsw9BF8vHHHx85csRisbhcrtnZ2dnZWSwtODgY/R0TExMUFOTv749NFS80GBkZcblccXFxuMnoDqSZwdCLuzomJgZ19cjIyOzsLCkc/TE+Pj46OhobG4sOZ2dnVSqhN2llZPtncnJybGwsKSlJYUsV9pjAm8r7maw4MjLCcRw5wBi2RUZGJiQkGI3GjRs32u32ysrKhISER48e6fX6bdu2oZk3yW5X0mqO4kqahbTykveLAJorJesyDGBAM4P2BGCbnZOTU1ZWtnfvXkldOp3u6tWru3fvvnr1alZWlq+vr6Q0xiCPjo5W0igEzYO0cU67QwEPkI8x88h7771348YNs9lst9vLy8ufeeaZP/zhDxzHLV++PDIyEpVhrFqeF10kOp2uoKCgsbFRrVbbbLbMzExPW+aeGfOi1+l0+vj4dHZ24rvOx0c488koo6R/5v1n4QVZUZaVlaXX6/v6+rKzs4ODg5OTkw0GA54omyPuutJj10u60uVyzcl6rzE0NNTd3f2f//yHVmDXrl1oTvvq1at5eXm0YowBLJ4cu3fvnmfWisf5Y3gyfINgv+aIJ8RoL920ubLLly8LXqIRJpMpJiZGcHJmZiYsLAy/0goOefpcGfsdltSFC4+MjKhUKrIMahqjyeShB3MpyAx39aJ5j/7+fnSenPfQaDTi13yBHMkyjP7BaLVak8kkOEmbK1PSYwJvKqwlriiYCLp8+TJjrozneaPRmJqaunPnzpaWFp7nGxoaSktLIyIi7HY7wwwl/qW5kmahZHna/SIe1WJX0urSDJAUyxbF6B/GbT4zM0PetpJ6ExMT9Xr9qlWrpqamGNJoA3ge58oE41zhHQooxPMY43A4VCqV1WoVHKLhkpOTY7PZzGZzcnJyVVUVz/MWiyUzM7OtrW10dHRgYKCgoCA7OxtLRjPmBoMhMTERnxQc8opjDEMXabZWq21oaJiYmLBarTqdzq0YMzU1pVKpenp6ZmZmeJ4vKCjYuXPnwMCA2WzetGlTXV0dwwx39ebk5Oh0uv7+frPZnJSUhM8XFRWlpaWhd5Ha2trq6mqxYZJlaIaRv9DU1NSkpqZ2d3fbbLaSkhKDwYDOi1uqsMcE3lQeY8TDQKfTkQMMl5T0AupwrVaLWmez2YKCgpKTk9lmKPEvzZUMC8XlafeLwABJV9LqMgwQtBd7nCaKHWMkVQskIwSPC57nKysrk5KS0MBjSJMcwAyQwc6vMzMzQ/Og5DiXdKvYI4ASPI8xPM9XVVUFBAQ0NTWRh6dPn9ZoNCdOnNBqtatWrTpw4AD6IdflclVVVSUkJPj6+mq12tzc3OHhYYGWw4cPHzt2DMsXHPKKYwxDF2m2wWBISUlRq9URERHl5eVuxRie5ysqKnDzHQ5HYWFhWFhYTExMVVUVGoU0M9zVOzw8nJ2drdFoYmNjT5w4gc87nc6ysrKYmJiAgICsrCz8bxppmGQZScMEBszMzBw5ciQsLEytVut0utHRUXRe3FKFPSbwpvJ+Fg8Dm822fft2jUaTkJBw6tQp8v8esRd4nt+/f39OTg6unpKSggUyzJD1L82VDAvF5ZEBtbW1gvtFYICkK1Fd8b3GMEDyDsJ/i0Wx3/MkVYu9iRA8LkwmE8dx6JAhjTbIaeCfykgaGxtpHpQc5zS3CjwCKEEmxnjAXN4oExISrl+/TjsEeJ7v6enRarULbYUneOxNGAY05nH2xl1Rc1ftcDjUajVeZAjTUE8qj/U3f1lu3brFOAQ4jjOZTPHx8QtthSd47E0YBk8k165dS09P90auOWBRsRhzySx+3MowP5d09Kjuq6+++vbbb9+7d+/DDz88duxYUVGRZ9I8Nm8xZNRfDDbIAnsWKGRycrK+vn7Pnj0LbQjgdSDGuI1bGebnko4e183IyGhoaIiJicnNzS0tLX3hhRc8kOaxeYsho/5isEEW2LNAOfh3l4U2BPA68jFGYUZrnDB87dq1OEuEVyGzhc972m0yGZrgdZ78VkOgV2yG4MMOt+zEdbds2dLV1eVyuXp7e8vKypYtW7Zs2TJSlMddoeS7E7LMF198cejQobVr1/r7+69fv/711193K3+UEtskk8AviYzLjIHBOMnNoXXzeK+5K2qOqr/66qu//vWvOKftY3toAAuA7C82Sn6OGx0d9fHxMZlMj3NVH20V5vwKF6+QSU1NvXbt2vDw8IEDBzo7OzUaTW9v7/79+8UrrHBhnucly7NtwHXR+suenp5Vq1bh5Zj81xeeSi4WkgWrUFgGraLu6ekZGRnR6/UZGRkdHR0KdSFk3SRpvxI7FxzGwGB7f0m0DgA8Y35izIIsC/GqUpvNtmnTJvQHTpHE87zdbl+1apXL5eJ5/p133lm3bp1KpUpOTm5tbSVriQtLlmcgqMtT1oPiSx7EGLEKdpnp6WmVSoUzjHkJsf1K7Fxw2AODdpJfIq0DAI9x4/cYWhZ0QcJwyRza4vT7ylO7S+bZFmQLJ2chGAbIpnD/+9//jv6Ijo6+ceMG+uPDDz/EBcgM82QWI5TiAtcSF5YsT9Murktzh7grBMUYqdFpKmhmIPvFWdE4SoJ0mtM5emZ4ybbIdoUYsgmyBcTbHOzdu/f3v/89LrB582ZkDG2TBcmOQmBH07zvQesAYCkhG4UESWIOHDhgt9utVmt6enpxcTEqgxN3z8zM5OfnZ2dnC76nxXWHh4dbW1t7enrQmdzcXJvNhqSFhYXl5eUh4RkZGaWlpUh4Y2PjO++8MzExMTw8XFZWptPpxErJf37ZBoiNR3R0dGzduhUlWGWQlZV14cIFnueHh4dzc3PZc1+4sGx5sXayLnaE4CtF3GRaV/A8f+zYsX379vX19VksloyMjPr6eoYKWTN27tyZnZ3d3t6OU+EiampqUlJS0MfSpaWl6GNpSaeTYyknJ2dgYKC3tzcxMRF/1022hWanLBEREVu3bu3s7BRfErdRq9WeO3dubGysr6/vzJkzfX19zc3NOJeJ3W5Xq9Xo7W3Xrl06nW54eLi3t5dMuMDLDQyG9z1oHQAsIdyOMeIs6GQZWl6gflH6/X53UrtjcJ5tnjJBxDZA0nir1bpnz56QkJCamhrBo1OAYKMBnjkxJS4sWV5SO60uLcYw5spoqdEFKhSaMTU1VVFRkZCQoFKp1q1bh7+XlkyQLul0yaR2ZC53gf2SXSGLw+GoqakJCQnZs2cPzl8i2UbJbQ6mp6eDgoKQeQ0NDTt37uSZmywoHBjik4KK5CYXAPBk4F6MoWXdwJfsdruvry8uY7VaaVsvKE8l0tXVtW3btqioqLCwsJCQEHZWDIUGkPJVKpVOp1PyM8OlS5e2bt0qW8ytwpLaJet6EGNQGvaw/xMSEoJzBAhUKDcD4XQ6jUZjWlra8ePHJyYmVCqV+DWO4fT+/n61Wo3PWywWbJiglsCGMALaGczY2JhOp8P5DWmO3rdvX3Jycnl5+alTp/71r3/hk+gNeNu2beg9QzC0LBYLdodbA4NEUHFmZgZl6gSAJ4Yl8H2MTqfbsmWLwWAwmUwtLS3zLr+6utpgMBQXF9++fZtd0q01pgoLS2qfr6W6ODW6yWQymUzd3d0oSZRYhbtm+Pn5bd68ua6u7i9/+Qs646X94QU2mAhoZxC3b99GKQ6rq6vRGZqj33vvvXPnziUlJblcrvLy8oMHD3Ict2fPnsuXL4+Pj3d0dLi1vHsurSM3uQCAJwTZKOTWewxjqsqz9xhanm2e8s+7QgME6kZHR8vKyjQaTVFREa0fxBsNMHCrsEA7ra5nc2UaqdTokiqUmCGYSzQYDGjKUXIjAPZ7DEfJ5U7WcqsbSYqKijQaTXl5OU7lKdlGMXibA6fTGRIScvbs2V27dmFjJDdZ8NhIjysCwBJint9jli9fvm/fvrKysrt373766adVVVX79++fi8Dw8PCQkJA//elPk5OTn3/+eVVVFb4UFhbmdDo///zzuRsQGhr6xhtvmM1mh8NBK2M0GiMiIvBWemzcKizQ7lZdBNkVISEhTqfz1q1baAlZbm5ucXHxp59+OjQ0dPLkyVdffZWmQtaMW7duxcfH//nPfx4aGpqcnPzggw+Ki4sLCgo4jisrKyssLPzkk08GBwcPHjz4wQcfKDG7vLx8cHAQuSk7O1vcFg+6AuFwOMxm8+nTp0NDQxlt5Djus88+e/bZZ//5z3/ev3//7t279fX1ycnJHMf5+fllZmZWVlbu27cPlVy+fHl2dnZZWdmdO3eQzei8x0aKKz548EC8MhAAljayUcit9xiekgV9Lr/H0PJs80S2cHcNYHxrQkOcYX6+Ciusy3iP4b+eOF02t78S8yTLtLS0ZGRkBAUFBQQEJCUlvfXWW+i8ZIJ09nsMIzM8bstculEhjG0gLl++rNFoSMMkN1nw2Ej21hUA8GQw/7n9n1TcyjA/l3T0jyGVvRIVXjVD4cN0MWf1x5sszOOeBRBjgCePxZXbfzHjVob5uaSjfwyp7JWoWAwZ9ReDDTTwJgvzu2cBY3N7AFiKLIF1ZbLcvHnz5Zdf9raWhw8f/uQnP/nvf//LUPpNy9C+CImLi7tx4wbpqXnEq5sscBwXERFx9uzZ+ZUJAAvLkxBj8vLyYmNjva1lxYoVvr6+hw8fpin9BmZoX2wgF3z3u98lPTWPeG+TBYSfn5+XloADwIKhZEKtrq4uPj7e19c3OTm5paWFXVhyTtktCWKBjN/nUcpndjZfj6e5JyYmampq8GFXVxf6olNS6e9+97uSkhJ8SGsyud+4j49PbGxsdXU1XpggdtDZs2fRJR8fH5SjhRRFLrsga8XExFRUVOBMi5I/v5O9WldXFxsbGxAQkJqaqtfrJa0Vi2U0U1apbIskh6vFYsGFL1y4kJCQQH77iV2APQUAwMIiH2PQ00ev14+MjFy8eDEkJETwXBAgfrK4K0EskBFjvJoWWrwaTXKJHYLM0M5oMqqL8vNPT0+j/C7V1dWCSxgy/MTHx5NfqIiX9mGxZrP5mWeeOX78OK0HyLooTrS1tY2OjjY3N4eFhbW3tysRy/asbIxht0i8o8HBgwcPHDiACyclJaG1c2IXwI/nALBIkI8xUVFRbW1t+PDs2bPZ2dmM8uLb210JYoGLP8YIMrQzmiyu297evnHjRrad/f39AQEBmzZtIj8epC0fRxiNxg0bNtCuknUF1jY2NjKsJcWyPSsbY9gtEp+x2+0ajQZ9BdnS0hIfH0++xJAugBgDAIsEmd9jJicn7XZ7eno6PrNlyxaLxcIpzpbPkMBR8vZzHDc4OLhjx47AwMD169dfvHiRbSQJTSCJZLp7cSJ6ds58AWSGdnaTxajV6pmZGdmm+fj4nD9/vqmp6R//+IdsYY7jfH19XS6XbDGxtfn5+fX19bJi3W2mGHdbFBkZmZeXV1tby3HciRMnKioqyF8vlGxVAADAY0YmxjgcDrVaTd63QUFBU1NT+Gp3d7fRaOzo6BgYGDh27Ji7Erq6ugoLC4eHh81mc0xMTElJCTpfUlISFBRksVhaWlrIGBMuQqCOJpCkurp6enq6u7u7tbXVYDA0NjZiU3t6esxmc1NTU3p6enBwMM4zn5uby+4oMvEUu8kC7t27d/z4cZ1Ox5aP+M53vlNVVZWfny8ZzknGx8crKyvRR/hsxNauWLFi7dq1smLdaiYN5S1CVFRUXLx48W9/+1t/f79gmS8taVheXt6PfvQjcl8fAAAeH+zXHPGcQ19fH5q76Kdky6fNL4klCMB5+1FiKDLxOy5vE8GYFcECBWUk0933ixLRM9oiOC/I0M5uMlKEEyGr1eqioiK0fIC8hMCLCMiEbGlpaehnCfHPG1isj49PZmYmwwu4Lnnp8OHDSAK5awNNrKxnZefK2C0SV0EUFRWp1eqGhgbyJMMFknn+AQB4PMh8g4lytpNnZmdn8U6IGo0G7z4ZExODMsm7JeHjjz8+cuSIxWJxuVyzs7Nor8CRkRGO49asWYPKbNiwAdeNjo4WyL9z5w55KCmQZHx8fHR0FC87FjSH3NlQOdeuXUtNTcV12U3mOC4gIAAlCfbx8dFqteSED76EDwW6li9ffv78+eTk5F27dqHMWpJ1+/r6ysrK3nzzzUOHDrGNJ609fvx4WVmZzWbLzMyUFSvbTIUwWiRJcXFxU1NTfn4+eVLgApKVK1cePXq0qKgoPz9/48aNDx8+dNdCAAA8RuaJgGaKHj58iKdEpqamgoKClCtgS9DpdAUFBY2NjWq1WvBok0Q8OdbZ2UkeygrE6e7x01By22O3EMzSyHaaj4+POFjKXsJ8+9vfrqmpKSwsFOx0QNaNjo6uq6vLz89HMSYgIMDpdD569AjHM4fDgQIYaW1wcHBwcPDIyAgZ22hiZZvJUKqwRZIEBQWpVCo/Pz/yJDu7/u3btysrK8k8/wAAPB5kHq/BwcFRUVHt7e34DFoEpVwBQ8K9e/fsdvuvf/3rb33rW9HR0Wq1GhXQarUcx929excdWq1WXNckgtRFE0gSGRkZEBAwNjYW/X/muGPHo0ePrl69Sj7g5t5pshw6dGjjxo2SvzZhyPcMlL76+vXr+KrBYEhKSsLWGo1GfKmtrQ1dYouVbSZDqWctoiF2AcnLL7+cnJwcERFhtVqPHj3qgXwAADxHdjYNfwMxOjr6/vvv428gaJmMp6amVCpVT08PXldKk8DzvFarbWhomJiYsFqtOp0Oz7zrdLqcnBybzWY2m5OTkxlrlwcGBsgdFSUFCkwqKipKS0szm812u722tpb8NkUg3OFwqFQqPInf29uLBJJKDQZDYmKiwk6jKSIv0b6PEf/4odFoJL+PcTqdFotly5YtxcXFuHx9fX1CQoLBYEAfwYSEhOCPYPD3MSMjIxcuXAgJCTEajUrEMpopq1S2RbiY+IygotgF2FM8z+fm5uJNXwAAeMx4/p0/I1s+mVueIYGn5+232Wzbt2/XaDQJCQmnTp1ixBin06lWq3EYoAmUTXdPe/STOfObm5uTkpIESmmp3Rnf+TNijPifAPydv7hWY2Mj7Tt/rVZbWFiIV2Qgzpw5Exsb6+vrm5iYeOnSJYG16NKmTZvIT15kxcpmcKAplW0RLiYbY8QuwJ4CAGBheRJy+5eWlnq2m7pbOJ3O2NjYc+fOCZQu5vzz3xAELhB4CgCABWQZT0kMtYR4+PChyWT63ve+521F//73v7///e8/ZqWAB5CeAgBgAXkSYgwAAACwOHkScvsDAAAAixOIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3gBgDAAAAeAuIMQAAAIC3+B8OfQywM+zhDwAAAABJRU5ErkJggg==) \n--- \n \n**Screenshot:** ![firstamlosangeles.com vulnerability](/twimages/screen-1271579.jpg)\n\n**Mirror:** [Click here to view the mirror](<http://1271579.openbounty.org/mirror/>)\n\n### Coordinated Disclosure Timeline\n\nVulnerability Reported:| 23 August, 2020 23:31 GMT \n---|--- \nVulnerability Verified:| 23 August, 2020 23:44 GMT \nWebsite Operator Notified:| 23 August, 2020 23:44 GMT \na. Using the ISO 29147 guidelines| ![](/images/done.png) \n---|--- \nb. Using publicly available security contacts| ![](/images/done.png) \nc. Using Open Bug Bounty notification framework| ![](/images/done.png) \nd. Using security contacts provided by the researcher| ![](/images/done.png) \nPublic Report Published \n[without any technical details]:| 23 August, 2020 23:44 GMT \nVulnerability Fixed:| 26 September, 2020 17:46 GMT \n---|---\n", "published": "2020-08-23T23:31:00", "modified": "2020-09-22T23:31:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.openbugbounty.org/reports/1271579/", "reporter": "Tanzil", "references": [], "cvelist": [], "lastseen": "2020-10-03T02:34:11", "viewCount": 5, "enchantments": {"dependencies": {}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.7}, "openbugbounty": {"patchStatus": "patched", "mirror": "http://1271579.openbounty.org/mirror/"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645642129, "score": 1684004500, "epss": 1679002791}, "_internal": {"score_hash": "0d403653d5d504c3a636c00dc991bd9c"}}