mobile.de XSS vulnerability

2016-06-02T04:18:00
ID OBB:157330
Type openbugbounty
Reporter dim0k
Modified 2016-07-06T20:19:00

Description

Vulnerable URL:
http://www.mobile.de/es/soy/compileJs?hash=2bc6c55ee7f6e0d69a2078a9f5780d65&file;=frontend/common_macros>
Details:

Description| Value
---|---
Patched:| Yes, at 14.06.2016
Latest check for patch:| 14.06.2016 07:38 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 497
VIP website status:| Yes
Check mobile.de SSL connection:| (Grade: A-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 2 June, 2016 04:18 GMT
Generic security notifications sent to website owner| 2 June, 2016 04:20 GMT
Vulnerability patched by the website owner| 14 June, 2016 23:54 GMT
Vulnerability details disclosed by researcher| 6 July, 2016 20:19 GMT