www-947.ibm.com XSS vulnerability

2016-07-08T15:36:00
ID OBB:164928
Type openbugbounty
Reporter stamparm
Modified 2017-07-27T10:32:00

Description

Vulnerable URL:
https://www-947.ibm.com/ngusrsrvc/ibmid/jsp/NGSignup.jsp?a=myibm">![](null)<p id="&ctx=001&cc=us&lc=en&Redirect=NextGen&error=&persistPage=true&page=/ngusrsrvc/ibmid/jsp/loginresponse.jsp%3Fa%3Dmyibm%26ctx%3D001%26cc%3Dus%26lc%3Den%26Redirect%3DNextGen&PD-REFERER=https://www.ibm.com/ibmid/NGP.html%3Fa%3Dmyibm%26ctx%3D001%26cc%3Dus%26lc%3Den
</pre>

##### Details:

Description| Value  
---|---  
Patched:| Yes, at 27.07.2017  
Latest check for patch:| 27.07.2017 10:32 GMT  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| Unknown / Not calculated  
VIP website status:| No  
Check www-947.ibm.com SSL connection:| (Grade: A-)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 8 July, 2016 15:36 GMT  
Generic security notifications sent to website owner| 8 July, 2016 15:38 GMT  
Notification sent to subscribers (without technical details)| 8 July, 2016 18:17 GMT  
Vulnerability details disclosed by researcher| 15 July, 2016 16:12 GMT  
Vulnerability patched by the website owner| 27 July, 2017 10:32 GMT