umazda.com XSS vulnerability

2016-02-03T15:30:00
ID OBB:132894
Type openbugbounty
Reporter Lewis
Modified 2016-04-28T07:32:00

Description

Vulnerable URL:
http://www.umazda.com/VehicleSearchResults?bodyType=SUV">

##### Details:

Description| Value  
---|---  
Patched:| Yes, at  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 1510344  
Google Pagerank| 3  
VIP website status:| No  
Check umazda.com SSL connection:| (Grade: F)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 3 February, 2016 15:30 GMT  
Generic security notifications sent to website owner| 3 February, 2016 15:33 GMT  
Notification sent to subscribers (without technical details)| 3 February, 2016 18:17 GMT  
Vulnerability details disclosed by researcher| 27 April, 2016 16:11 GMT  
Vulnerability patched by the website owner| 28 April, 2016 07:32 GMT