exploratorium.edu XSS vulnerability

2016-03-30T15:02:00
ID OBB:144004
Type openbugbounty
Reporter Guitch404
Modified 2017-02-01T03:21:00

Description

Vulnerable URL:
http://www.exploratorium.edu/jscripts/feed2js/magpie_debug.php?url=0%221%3E%3Csvg/onload=alert(/XSSPOSED/)%3E
Details:

Description| Value
---|---
Patched:| Yes, at 31.01.2017
Latest check for patch:| 31.01.2017 14:59 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 37926
Google Pagerank| 7
VIP website status:| Yes
Check exploratorium.edu SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 30 March, 2016 15:02 GMT
Generic security notifications sent to website owner| 30 March, 2016 15:04 GMT
Customized security notification sent to website owner| 30 March, 2016 15:04 GMT
Vulnerability details disclosed by researcher| 22 June, 2016 15:11 GMT
Vulnerability patched by the website owner| 1 February, 2017 03:21 GMT