IFRAME Injection vulnerability

ID OBB:143966
Type openbugbounty
Reporter ahmetomeroglu
Modified 2017-07-27T08:06:00


Vulnerable URL:;=&subsetItem;=&mediatype;=&includekeywords;=&exactverse;=&keyword;=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%2C80%2C79%2C83%2C69%2C68+%29%29%2F%2F%27%3B&keyworddesc;=B&currsection;=&AudioOnly;=false&speakerwithin;=&x;=0&y;=0

Description| Value
Patched:| Yes, at 27.07.2017
Latest check for patch:| 27.07.2017 08:06 GMT
Vulnerability type:| IFRAME Injection
Vulnerability status:| Publicly disclosed
Alexa Rank| 40361
Google Pagerank| 4
VIP website status:| Yes
Check SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
Vulnerability submitted via Open Bug Bounty| 30 March, 2016 10:17 GMT
Generic security notifications sent to website owner| 30 March, 2016 10:20 GMT
Notification sent to subscribers (without technical details)| 30 March, 2016 14:17 GMT
Vulnerability details disclosed by researcher| 22 June, 2016 11:11 GMT
Vulnerability patched by the website owner| 27 July, 2017 08:06 GMT