fbi.gov XSS vulnerability

2016-07-04T11:45:00
ID OBB:164040
Type openbugbounty
Reporter MLT
Modified 2016-07-28T11:03:00

Description

Vulnerable URL:
https://www.fbi.gov/homepage/remote-link?remote_url=javascript:alert('OPENBUGBOUNTY')
Details:

Description| Value
---|---
Patched:| Yes, at 27.07.2016
Latest check for patch:| 27.07.2016 16:29 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 10854
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 4 July, 2016 11:45 GMT
Vulnerability existence verified and confirmed| 7 July, 2016 11:55 GMT
Notification sent to subscribers (without technical details)| 7 July, 2016 14:17 GMT
Vulnerability details disclosed by researcher| 10 July, 2016 10:50 GMT
Vulnerability patched by the website owner| 28 July, 2016 11:03 GMT