Search...

infoclimat.fr Cross Site Scripting vulnerability OBB-2046859

2021-06-09T21:01:00
ID OBB:2046859
Type openbugbounty
Reporter xav0
Modified 2021-07-09T21:01:00

Description

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:

&nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence;
&nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence.

Affected Website:| infoclimat.fr
---|---
Open Bug Bounty Program:| View Open Bug Bounty Program
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Disclosure Standard:| Coordinated Disclosure based on ISO 29147 guidelines
Discovered and Reported by:| xav0
Remediation Guide:| OWASP XSS Prevention Cheat Sheet
Export Vulnerability Data:| Bugzilla Vulnerability Data
JIRA Vulnerability Data [ Configuration ]
Mantis Vulnerability Data
Splunk Vulnerability Data
XML Vulnerability Data [ XSD ]

Vulnerable URL:

https: //www. infoclimat. fr/cartes-meteo-temps-reel-images-sat

Screenshot: infoclimat.fr vulnerability

Mirror: Click here to view the mirror

Coordinated Disclosure Timeline

Vulnerability Reported:| 9 June, 2021 21:01 GMT
---|---
Vulnerability Verified:| 9 June, 2021 21:12 GMT
Website Operator Notified via Bug Bounty:| 9 June, 2021 21:12 GMT
Public Report Published [without technical details]:| 9 June, 2021 21:12 GMT
---|---
Vulnerability Fixed:| 8 September, 2021 10:44 GMT
---|---

JSON Vulners Source
Initial Source


All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to content@vulners.com Vulners, 2022
Protected by