{"id": "OBB:1350510", "type": "openbugbounty", "bulletinFamily": "bugbounty", "title": "installation24.com Cross Site Scripting vulnerability OBB-1350510 ", "description": " \n\n\nFollowing coordinated and responsible vulnerability disclosure guidelines of the **[ISO 29147](<https://www.iso.org/standard/45170.html>)** standard, Open Bug Bounty has: \n\n&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbspa. verified the vulnerability and confirmed its existence; \n&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbsp&amp;nbspb. notified the website operator about its existence.\n\nAffected Website:| **[installation24.com](<http://installation24.com>) ** \n---|--- \nOpen Bug Bounty Program:| **View Open Bug Bounty Program** \nVulnerable Application:| Custom Code \nVulnerability Type:| **[XSS (Cross Site Scripting)](<https://www.owasp.org/index.php/Cross-site_Scripting_\\(XSS\\)>)** / CWE-79 \nCVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N] \nDisclosure Standard:| Coordinated Disclosure based on **[ISO 29147](<https://www.iso.org/standard/45170.html>)** guidelines \nDiscovered and Reported by:| **devl00p ** \nRemediation Guide:| **[OWASP XSS Prevention Cheat Sheet](<https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md>)** \nExport Vulnerability Data:| Bugzilla Vulnerability Data \nJIRA Vulnerability Data [ Configuration ] \nMantis Vulnerability Data \nSplunk Vulnerability Data \nXML Vulnerability Data [ XSD ] \n \nVulnerable URL:\n\n \n--- \n \nResearch's Comment:\n\n \n--- \n \n**Mirror:** [Click here to view the mirror](<http://1350510.openbounty.org/mirror/>)\n\n### Coordinated Disclosure Timeline\n\nVulnerability Reported:| 20 September, 2020 16:31 GMT \n---|--- \nVulnerability Verified:| 21 September, 2020 09:09 GMT \nWebsite Operator Notified via Bug Bounty:| 21 September, 2020 09:09 GMT \nPublic Report Published \n[without any technical details]:| 21 September, 2020 09:09 GMT \n---|--- \nVulnerability Fixed:| 24 September, 2020 23:13 GMT \n---|---\n", "published": "2020-09-20T16:31:00", "modified": "2020-10-20T16:31:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.openbugbounty.org/reports/1350510/", "reporter": "devl00p", "references": [], "cvelist": [], "lastseen": "2020-10-27T03:21:50", "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2020-10-27T03:21:50", "rev": 2}, "score": {"value": 0.6, "vector": "NONE", "modified": "2020-10-27T03:21:50", "rev": 2}, "vulnersScore": 0.6}, "openbugbounty": {"patchStatus": "patched", "mirror": "http://1350510.openbounty.org/mirror/"}}

{}